last executing test programs:

2m7.305270285s ago: executing program 1 (id=1184):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000140)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x27)

2m7.259998117s ago: executing program 1 (id=1186):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbe, &(0x7f0000000380)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, {[@cipso={0x86, 0x77, 0x0, [{0x5, 0xc, "e256b28c04000000fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x6, 0x12, "076a652ec101f20ccbc3c9cfa11cab1a"}, {0x0, 0x10, "c600"/14}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0x7, "c8f46976e7"}]}, @cipso={0x86, 0x6}]}}}}}}}, 0x0)

2m7.242318258s ago: executing program 1 (id=1189):
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fcdbdf2512000000180001801400020076657468300000000000000008000000080009"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x2004c0a0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

2m7.223210199s ago: executing program 1 (id=1190):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
umount2(&(0x7f0000000040)='./file0/../file0\x00', 0x0)

2m7.172036301s ago: executing program 1 (id=1196):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000800)={r2, &(0x7f0000000740)}, 0x20)

2m6.97718645s ago: executing program 1 (id=1204):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="d81f96bed9556700"/23, 0x17}], 0x15, 0x2009c00, 0x2, 0x0)

2m6.897755023s ago: executing program 32 (id=1204):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="d81f96bed9556700"/23, 0x17}], 0x15, 0x2009c00, 0x2, 0x0)

2m5.471896565s ago: executing program 3 (id=1255):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r1, &(0x7f0000001440)=""/126, 0x7e, 0x41)

2m5.410948268s ago: executing program 3 (id=1256):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_alloc\x00', r0}, 0x10)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0719, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x1, @perf_config_ext={0xffff, 0x8000000}, 0x6025, 0x4005, 0x6d5, 0x3, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r1, 0x0)

2m5.258521404s ago: executing program 3 (id=1261):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x1, 0x0, 0x25dfdbfc}, 0x14}}, 0x0)

2m5.235338725s ago: executing program 3 (id=1264):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000340)=ANY=[@ANYBLOB="726f6469722c756e695f786c6174653d312c726f6469722c756e695f786c6174653d302c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c6e6f636173652c73686f72746e616d653d6c6f7765722c747a3d5554432c756e695f786c6174653d312c73686f77657865632c6e6f6e756d7461696c00002c007d88658bba9f86c7bbf19329c9a2a1c1511e3af2126ad5803a0f4e3d8521dd3f1b515a0673be6fb14db7c6534edf0e5e1d29e4f05d5c82fd3e0372c644e7ba7ccec22efc923b0beac1490e"], 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x20000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)

2m5.162822518s ago: executing program 3 (id=1268):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000080)='\x86\xf4\x9e\xc4\x80\xb2!\x99\xb1C\xf6+\x18\xf8\x9a\xc9\x0f\x1fL .\xd6\xfb\x10\xeb\xc5\xc5\xb1\x01]2', 0xfffffffffffffffd)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)

2m4.868854721s ago: executing program 3 (id=1275):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0x4bd, &(0x7f0000000a00)="$eJzs3U9vVF0ZAPDn3ra0lEKLkvgnKogoGsJMO0BDWOFGYwiJkbhyAbUdmqYznaYzRVpZlO9gIokr/QjuXJiwcu9Od25wYYJKNNTExby5d6bQt3TaAu0MML9fcrn33DMzz3MY7jnD6fSeAPrWuYjYiIhjEXEvIsbb55P2FjdbW/a4ly8ezW6+eDSbRLN5519JXp+di23PyZxov+ZIRPzkhxE/T96MW19bX5ypVMor7XKxUV0u1tfWLy9UZ+bL8+WlUml6anry+pVrpUNr69nq75//YOHWT//4h68/+/PG936ZpTXWrtvejsPUavrQqziZwYi4dRTBemCg3Z5jvU6Ed5JGxBci4nx2/Td7nQ0A0A3N5ng0x7eXAYBPXZrPgSVpoT0XMJb/2XImRtNKrd64dL+2ujTXmiubiKH0/kKlPNmeK5yIoSQrT+XHr8ulHeUrEXE6In41fDwvF2ZrlbnefOQBgL53Ysf4/9/hNC0Uep0VAHDkRt7xebt8rwcA+Ei86/gPAHy8jP8A0H+M/wDQf4z/ANB/jP8A0H+M/wDQV358+3a2NTfb97+ee7C2ulh7cHmuXF8sVFdnC7O1leXCfK02n9+zp7rf61VqteWpq7H6sNgo1xvF+tr63WptdalxN7+v993yUFdaBQDs5fTZp39NImLjxvF8i21rORir4dOW9joBoGcGduyB/jHY6wSAnvF/fGC/W3l2/IrQk8PPBeiOi18x/w/9yvw/9C/z/tC/zP9D/2o2k7dZ83/gbR4MAHyYzPEDfv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb28s35K00F4LfCzStFCIOBkREzGU3F+olCcj4lRE/GV4aDgrT/U6aQDgPaX/SNrrf10cvzC2s/ZY8r/hfB8Rv/jNnV8/nGk0Vqay8/8e2TrfeNI+X+pF/gDAfrbG6a1xfMvLF49mt7Zu5vP8+63FRbO4m+2tVTMYg/l+JIYiYvQ/Sbvckn1eGTiE+BuPI+LLu7U/yedGJtorn+6Mn8U+2dX46efip3lda5/9XXzxEHKBfvM0639u7nb9pXEu3+9+/Y/kPdT72+r/Nt/o/9JX/d9Ah/7v3EFjXP3TjzrWPY746uBu8ZNX8ZMO8S8cMP7fvvaN853qmr+NuBi7x98eq9ioLhfra+uXF6oz8+X58lKpND01PXn9yrVSMZ+jLm7NVL/pnzcundqr/aMd4o/s0/5vH7D9v/v/vZ99c4/43/3W7u//mT3iZ2Pidw4Yf2a08+reWfy5Du3f7/2/dMD4z/6+PnfAhwIAXVBfW1+cqVTKKw66dpB9dvsA0nDQs4PsX8BhvM6XjjDVXvdMwFF7fdH3OhMAAAAAAAAAAAAAAKCTbvzCU6/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKfrswAAAP//qkjTjA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
open$dir(0x0, 0x0, 0x80)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f00000002c0)=0x2)

2m4.836351393s ago: executing program 33 (id=1275):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0x4bd, &(0x7f0000000a00)="$eJzs3U9vVF0ZAPDn3ra0lEKLkvgnKogoGsJMO0BDWOFGYwiJkbhyAbUdmqYznaYzRVpZlO9gIokr/QjuXJiwcu9Od25wYYJKNNTExby5d6bQt3TaAu0MML9fcrn33DMzz3MY7jnD6fSeAPrWuYjYiIhjEXEvIsbb55P2FjdbW/a4ly8ezW6+eDSbRLN5519JXp+di23PyZxov+ZIRPzkhxE/T96MW19bX5ypVMor7XKxUV0u1tfWLy9UZ+bL8+WlUml6anry+pVrpUNr69nq75//YOHWT//4h68/+/PG936ZpTXWrtvejsPUavrQqziZwYi4dRTBemCg3Z5jvU6Ed5JGxBci4nx2/Td7nQ0A0A3N5ng0x7eXAYBPXZrPgSVpoT0XMJb/2XImRtNKrd64dL+2ujTXmiubiKH0/kKlPNmeK5yIoSQrT+XHr8ulHeUrEXE6In41fDwvF2ZrlbnefOQBgL53Ysf4/9/hNC0Uep0VAHDkRt7xebt8rwcA+Ei86/gPAHy8jP8A0H+M/wDQf4z/ANB/jP8A0H+M/wDQV358+3a2NTfb97+ee7C2ulh7cHmuXF8sVFdnC7O1leXCfK02n9+zp7rf61VqteWpq7H6sNgo1xvF+tr63WptdalxN7+v993yUFdaBQDs5fTZp39NImLjxvF8i21rORir4dOW9joBoGcGduyB/jHY6wSAnvF/fGC/W3l2/IrQk8PPBeiOi18x/w/9yvw/9C/z/tC/zP9D/2o2k7dZ83/gbR4MAHyYzPEDfv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb28s35K00F4LfCzStFCIOBkREzGU3F+olCcj4lRE/GV4aDgrT/U6aQDgPaX/SNrrf10cvzC2s/ZY8r/hfB8Rv/jNnV8/nGk0Vqay8/8e2TrfeNI+X+pF/gDAfrbG6a1xfMvLF49mt7Zu5vP8+63FRbO4m+2tVTMYg/l+JIYiYvQ/Sbvckn1eGTiE+BuPI+LLu7U/yedGJtorn+6Mn8U+2dX46efip3lda5/9XXzxEHKBfvM0639u7nb9pXEu3+9+/Y/kPdT72+r/Nt/o/9JX/d9Ah/7v3EFjXP3TjzrWPY746uBu8ZNX8ZMO8S8cMP7fvvaN853qmr+NuBi7x98eq9ioLhfra+uXF6oz8+X58lKpND01PXn9yrVSMZ+jLm7NVL/pnzcundqr/aMd4o/s0/5vH7D9v/v/vZ99c4/43/3W7u//mT3iZ2Pidw4Yf2a08+reWfy5Du3f7/2/dMD4z/6+PnfAhwIAXVBfW1+cqVTKKw66dpB9dvsA0nDQs4PsX8BhvM6XjjDVXvdMwFF7fdH3OhMAAAAAAAAAAAAAAKCTbvzCU6/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKfrswAAAP//qkjTjA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
open$dir(0x0, 0x0, 0x80)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f00000002c0)=0x2)

1.832961591s ago: executing program 4 (id=6558):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x1a8)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, 0x0)

1.798595732s ago: executing program 4 (id=6559):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0xb, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)
io_uring_enter(r0, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

1.732625245s ago: executing program 4 (id=6562):
r0 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x2)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000001800)=""/201, 0xc9}, {0x0}], 0x2, 0x0, 0x1})
io_uring_enter(r1, 0x847ba, 0x2000, 0xe, 0x0, 0x0)

1.434046928s ago: executing program 4 (id=6577):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7}]})
openat$ptmx(0xffffffffffffff9c, 0x0, 0x121002, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x80000010})
epoll_pwait2(r1, &(0x7f0000000000)=[{}], 0xf7, 0x0, 0x0, 0x0)

993.067647ms ago: executing program 2 (id=6585):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
lseek(0xffffffffffffffff, 0x2c0000, 0x2)

922.57534ms ago: executing program 2 (id=6575):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

882.456472ms ago: executing program 2 (id=6576):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100dc05000000000040b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = dup(r0)
ioctl$GIO_UNISCRNMAP(r2, 0x43403d0e, 0x0)

872.699752ms ago: executing program 0 (id=6589):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1b, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0f0000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000050000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

846.113654ms ago: executing program 2 (id=6579):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x6}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000140001"], 0xfc}}, 0x0)

816.292425ms ago: executing program 2 (id=6580):
io_setup(0x2278, &(0x7f0000000180)=<r0=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r0, 0x2, &(0x7f0000000480)=[&(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x76fa, r2, &(0x7f0000000200)=' ', 0x1, 0x0, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x2, 0x2, r1, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2}])
syz_clone(0x4080080, 0x0, 0x0, 0x0, 0x0, 0x0)

797.412265ms ago: executing program 6 (id=6582):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
symlinkat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, &(0x7f0000001ac0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

792.707235ms ago: executing program 0 (id=6594):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

617.289683ms ago: executing program 5 (id=6587):
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200), 0x1, 0x257, &(0x7f0000000ac0)="$eJzs3T1oJGUcBvBnZncv5m6RUxtB/AAR0UA4O8HmbBQO5DhEBBVORGyUO+G8w+7WysZCa5WrbA6xM1pKmmCjiFZRU8RG0GBhsNBiZXc2EpMN6u5mx8v8fjCZr3fm/w4zz5ttZjdAY51McjpJK8lSkk6SYneDe6rp5Gj12uLa+aTff/KXYtiuWq/sHHciSS/Jw0lWyyIvt5MrK89u/rb++P1vXe7c98HKM4tzvciRrc2NJ7bfP/vmx2ceuvLlNz+dLXI63b9d1+wVY7a1i+TWwyj2P1G06+4B/8a51z/6dpD725LcO8x/J2Wqm/f2pWOrnTz43kHHvvPzV3fMs6/A7PX7ncH/wF4faJwySTdFuZykWi7L5eXqM/x3rePlKxcvvbb00sXLF16se6QCZqWbbDz26cInJ/bk/8dWlX/g6Brk/6lz178fLG+3JjrFwqz7BByyO6vZIP9Lz199IJPnH7hByT80l/xDc8k/NJf8Q3PJPzSX/MMR9PVo3tnZ0BvbTP6hueQfjrhjB++Sf2iu3fkHAJqlv1D3G8hAXeoefwAAAAAAAAAAAAAAAAAAgP2uLa6d35nmVfPzd5OtR5O0x9VvDX+POLlp+Pf4r8Wg2V+K6rCpPHf3lCeY0oc1v3198w/11v/irnrrX72Q9N5Icqrd3v/8FaPnb3K3/MP+zgtTFviPij3rjzw93/p7/XG93vpn1pPPBuPPqRTZd//L3D6cjx9/uru/YnlCr/4+5QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmz8DAAD//25Tbg4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000180)='2', 0x1, 0xfecc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x80)
fallocate(r1, 0x8, 0x4000, 0x4000)

615.393373ms ago: executing program 6 (id=6599):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)

396.718843ms ago: executing program 0 (id=6588):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000000340), 0x1, 0x564, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvjH82SesEeoAKSIBCQFF2400bVb20XECoqoSoOCAOqbE3lsluNmTXpTaRcP8GkEDiBH8CByQOSD1xgBNHJA6AKAekAhEoRuph0MyO7Y29Jou93iXez0eazI83M9/3djPz3r5dzwtgYl2KiK2ImI2INyNiodyelFO82p3y/R4+uL+8/eD+chJZ9sbfkyI93xY9x+TOluecj4ivfinim8nBuO2NzdtLjUb9Xrle7TTvVtsbm1fXmkur9dX6nVrtxuKNay9df7E2tLJebP7s/S+uvfa1X/7i4+/9duvz382zda5M6y3HMHWLPrMbJzcdEa+dRLAxmCrns2POB0eTRsSHIuJTxfW/EFPF/04A4DTLsoXIFnrXAYDTLi36wJK0EhFpWjYCKt0+vGfjTNpotTtXbrXW76x0+8rOx0x6a61Rv3Zh7vffLnaeSfL1xSKtSC/Wa/vWr0fEhYj4wdxTxXpludVYGU+TBwAm3tne+j8i/jWXppXKQIf2+VYPAHhizI87AwDAyKn/AWDyqP8BYPIMUP+XX/ZvnXheAIDR8PkfACaP+h8AJo/6HwAmyldefz2fsu3y+dcrb22s3269dXWl3r5daa4vV5Zb9+5WVlut1eKZPc3Hna/Rat1dfCHW36526u1Otb2xebPZWr/TuVk81/tmfWYkpQIA/psLF9/9XRIRWy8/VUzRM5aDuhpOt3SIewFPlqnjHKyBAE80o33B5BqoCi8aCb8+8bwA49H3Yd7zfRcf9aP/IYjfGcH/lcsfHbz/3xjPcLrs69n/IBtXRoCRO1r//ytDzwcwekfu///jcPMBjF6WJfvH/J/dTQIATqVj/IQv+96wGiHAWD1uMO+hfP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp8y5iPhWJGmlGAs8zf9NK5WIpyPifMwkt9Ya9WsR8UxcjIiZuXx9cdyZBgCOKf1rUo7/dXnh+XP7U2eTf88V84j4zo/f+OHbS53OvcV8+z92t8/tDB9W2zvuGOMKAgCD+/MgOxX1d62c93yQf/jg/vLOdIJ5POD9L+wOPrq8/eB+MXVTpiPLsixivmhLnPlnEtPlMfMR8VxETA0h/tY7EfGRfuVPir6R8+XIp73xo4z99Ejjp4/ET4u07jx/+T48hLzApHk3v/+82u/6S+NSMe9//c8Xd6jjK+5/8xE7977tnvjTZaSpPvHza/7SoDFe+NWXD2zMFrpp70Q8N90vfrIbPzkk/vMDxv/Dxz7x/VcOSct+EnE5+sfvjVXtNO9W2xubV9eaS6v11fqdWu3G4o1rL11/sVYt+qirOz3VB/3t5SvPHJa3vPxnDonffefP7iv/7O6xnxmw/D/94M1vfHJvdW5//M99uv/7/2wRsf/rn9eJnx0w/tKZnx86fHcef+WQ8j/u/b8yYPz3/rK5MuCuAMAItDc2by81GvV7x1rIP4UO4zwHFvIsDrbzTnPxeEH/FMXC3suSRBJHPuFM/6S8MTbQ4Sf1qp74wvRuW3G4Z/56fsYRFycdeimOshDny4WHowo6vnsSMBp7F31E/GbcuQEAAAAAAAAAAAAAAPoZxd8wjbuMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF7/CQAA///bV8Ru")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)

396.557163ms ago: executing program 5 (id=6590):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)

396.452203ms ago: executing program 2 (id=6591):
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r1, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0xce}], 0x1)

396.328163ms ago: executing program 4 (id=6592):
openat$selinux_member(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x582, &(0x7f0000009ec0)="$eJzs3U9rHGUcB/DfM9mkf9KaVAStPRgo2IKaNGlFEcEW682DfwqeBGOSltJtG5oItlZsob4DfQGCNy/isYgU9eLVm+ALkGKRNhdvkdnMpNt2N82fTadmPh/YZJ55MjzPZPnuM/vszGwAtTWS/8gi9kbEbIoYaqtrRFE5svR3d25fnlq4fXkqxeLi+/+kSMW68u9T8Xuw2Hh7RPz+c4on+x5sd+7ipTOTzebMhaI8Nn92dmzu4qWXTp+dPDVzaubcxPgr4y8fOTxx5FBP9nN3RPw6erxx7eSb+76f+nbPFz9+dz3F0dhV1LfvR6+MxMjy/6Rd/n99tdeNVaSv2J/2pzg1KuwQa1I+f/0R8XQMRV/cffKG4st3K+0csKkWU8QiUFNJ/qGmyuOA/P1v+aj2iAR4VG4dW5oAuJOW5vYWlvPfWJobjO2tuYGdCynap3VSRPRiZi5vY/b5NJQ/YpPm4YDOrlyNiGc6jf+plc3h1ix+nv/snvxnEfFO8Ttf/9462x+5ryz/8OhsJP8fteX/43W2L/8AAAAAAADQOzeORcSLnT7/y5bP/4kO5/8MRsTRHrT/8M//sps9aAbo4NaxiNcjojz3b6Et/4XhvqK0u3U+QH86ebo5cyginoiIg9G/LS+Pr9DGyL7f+rvWtZ3/lz/y9stzAYt+3Gxsu3eb6cn5yY3sM7Dk1tWIZxud8p+Wx//UYfzPXw9mV9nG4vE3fulW9/D8A5tl8ZuIAx3H/7t3rkgr359jrHU8MFYeFTzosw+v/9CtffmH6uTj/86V8z+c2u/XM7f2Nj7/+88N5L/z8f9AOtG65cxAse7Tyfn5C+MRA+ntB9dPrL3PsBWVeSjzkuf/4P7O7/9XOv7fERFXVtnmiZ/eutatzvgP1cnzP72m8X/tC/s/+Prfbu2vbvw/0hrTDxZrzP/BylYb0Kr7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/R1lE7IqUjS4vZ9noaMRgRDwVO7Pm+bn5F06e/+TcdF7X+v7/rPym36Glciq//3+4rTxxX/lwROyJiK/6drTKo1Pnm9NV7zwAAAAAAAAAAAAAAAAAAAA8Jga7XP+f+6uv6t4Bm65RdQeAysg/1Jf8Q33JP9SX/EN9yT/Ul/xDfck/1Jf8Q33JPwAAAAAAbCl7nrvxR4qIK6/taD1yA0Vdf6U9AzZbVnUHgMq4xQ/Ul1N/oL5S1R0AKvew14Ht694SAAAAAAAAAAAAAOiVA3td/w915fp/qK/u1/+7MwBsda7/h/ryHh9w/T8AAAAAAAAAAAAAPP7mLl46M9lszlxY78K2jW1uwUJ9FiL1IHGPaKHqVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKD0XwAAAP//dt72Ng==")

394.704493ms ago: executing program 6 (id=6601):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)

360.273964ms ago: executing program 6 (id=6593):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r0)

308.509787ms ago: executing program 5 (id=6595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xa000, 0x2a)
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file1\x00', 0x3a0cc0a, &(0x7f00000023c0)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000005,map=normal,map=normal,session=0x000000000000000e,overriderockperm,showassoc,nocompress,utf8,map=normal,session=0x0000000000000006,map=acorn,mode=0x0000000000000086,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00', @ANYRESDEC, @ANYRESDEC, @ANYRES8, @ANYRESDEC], 0x43, 0xa02, &(0x7f0000003640)="$eJzs3U9sXdWdB/DvfbYTj4lCgAyTQUBewgQMZBzbGcJEbCaxnxMz/jOyHYloNCIMSaooVqmgSIAqNZWqroraRdUF3SF10xUSG9hU2bXbbrqoVLHuDnUVddFX3fueYzv283MSxzbh87Ge3/3zu+f8zrv33SNfv3dP+CZrNpvV4x7nL/xmO5Nl9zk7/tWnn31cPn50I3vSk1eKL5L+JPWkN8mhJGPjc7PTXQq6nlxKcjMpkuxN63lTLqX4WfYtz99M8auq3tKFe2wYm9LkW22njz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiNirHx4eGRIlOTMxfeqHdWDQHeaWVtubwvq1G/iy+71psU5SP9/UtDfR86uLz6yfLX0Tzdmnu6GpA8/fnokScPvPZEb21p+w0Svht/bw+GfNcbvvfhR9ffWly88m6H9T3t5tx3hrvUucbM5Pzs5PSZc4365Pxs/fSpU8Mnzk/M1ycmpxrzF+cXGtP1sbnGmYXZufrg2Iv1kdOnT9YbQxdnL8ycGx+aaiwtfPXfR4eHT9VfH/qfxpm5+dmZE68PzY+dn5yampw5V8WUq8uYV8sD8b8nF+oLjTPT9frVa4tXTq7KaJ2Xugwa6daSMmi0W9Do8OjoyMjo6MipV06/8urwcO/ygp5UC4bvkDWb3D5os+/hPS6+hT6pbSKoPDnWt/DsDfen1u7/M5XJzORC3kh93Z+xjGcus5nusL5tqf8/dqKxYb0r+/+lXv7Q8uqnUvX/z7bmnu3U/3fIZft+3suH+SjX81YWs5greXfV2r33UGKzuX6rfv2H1mux0y1e/XMujcxkMvOZzWSmc6ZaUm8vqed0TuVUhvNmzmci86lnIpOZSiPzuZj5LKRRHVFjmUsjZ7LQ22rjYMbyYuoZyemczsnU08hQLmY2FzKTcxnPmaqUq7lWve4nN8jxdtDIZoJGNwjaoP9vL7iL/p9vqa0+hcM9a7b7/z13LK+tDR0c266kAAAAgC31r7/P/oOP/+7PSV+eqa6xAwAAAA+b6uN6T5dPfeXUMykmJqcaw2sD39/+3AAAAICtUVTfsSuSDORwa2rpm1DrXAQAAAAAvomq//8/Wz4NlFOHU/j7HwAAAB423e+x3zWiOJ56bpSr6pdbkZfbEe37/A5MTE41hsZmp14byfPVXQaqbxqsKa0nB5Lq6wcv5Ugr6shA63lgdYn9ZdTI0Gsj6c/RdkMGnyufnhtcJ3K0jHwpL7QiX1iK7M+ayJNlJAA87I5u0B9vtv9/KcdbEcefqm7f3vvUOn3wcKtn/eEOtRMAWNZ9jJ2uEcV/LA3/0+Hv/55cPdz6SMFQ3s47WczlHK++bVB94qBdam4WWS51YMXHEI53uRowsGKEl+NL1wMO71v3esDAioFejq+5ItAp9uS6r12x5XsDALbH0TX98Ab9f7PZmlpz/X/jv/8HfKQQAHaV2yPYP8CJO+vs25mmAgBtnXvpDfQ8wIQAAAAAAAAAAAAAAAAAAAAAAAAAAADgIfAg7/9fS/JgRxa4j4kbSXZBGts88Zf2bl+zqr38xo5nuGJib+6/nP5tGeHiw//bs4sP9Xub2MGTEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANumSHrWW15L9ia9w0lObH9WD86NnU5ghxW3cisfZP9O5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8LBp3/+/ltbzI61F6a0lx5JcSvK/O53jVrq10wnssBX3/y/3eZpFelu7PUXf2Pjc7HS5+7O3XP/Vp599XD7upZ6ygLKGVYNLtGvovNVj1VYD41feu/79d75XHz9bJXl2YWJqfPrc3H8tBz5ZfJ7U03osWcr3B0X7KF7d8s/Llnavt6xloqp3fG29/7Le1rfrPfbbn3du27LlNK4tXhkta1povLHw/nevfbAi6PEcSZ4bTAZX1/Sd8tGhpiPp26je4uviJ8X+/DKXqv1fplE0i3IXPZrsSe2frl5bvDL09juLlzvkdCCHk1xO+jef0+G1e2JJddTV+spah6ug8tfBLuVt6JGe/c1mq8SRDm14rDpkBu6qDfXObah0ed3bbTzZIaMn8vxd7+nnu9TY9rdmS2uu+Lr4U3E+f8yPV4z/USv3/7Fs5t1ZxlSRK46Uzm0+ttzy0ZUr3rwzsuO7kgfgp/n//Oft/V9bcf5v76vtOR+tqPGBvS+KVi/UVk0fvKNHap99OmXZzvNgK6pDnv+cl9du1yXPl7ucUbbo/b9a8XXxSTGYv+aG8X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdr0h61lteS44lOZDk0XK+njS3or7aQLEVxWzSnjVLbmxj7btH7fZUcSu38kH272g6AAAAAAAAAGyZs+NfffrZx+Wj+n98T/6t+CLpb/2nvzfJgeIXfWPjc7PTXQrqSy4luVlO999dDuV22bc8f7OcO3T3bQEANucfAQAA//+INm5i")

300.257077ms ago: executing program 6 (id=6596):
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
link(&(0x7f00000019c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

201.586571ms ago: executing program 5 (id=6597):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)

123.030125ms ago: executing program 0 (id=6598):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
connect$qrtr(r0, &(0x7f0000000000)={0x2a, 0x1}, 0xc)
writev(0xffffffffffffffff, 0x0, 0x0)

122.950214ms ago: executing program 6 (id=6600):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000140)=""/44, 0x2c}], 0x2, 0x300, 0x8000)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})

81.700467ms ago: executing program 5 (id=6610):
r0 = socket$kcm(0x2, 0x3, 0x2)
recvmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x18000)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

77.080697ms ago: executing program 0 (id=6602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00}, 0x94)

40.361908ms ago: executing program 0 (id=6603):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000300)={[{@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")

6.21604ms ago: executing program 4 (id=6604):
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200), 0x1, 0x257, &(0x7f0000000ac0)="$eJzs3T1oJGUcBvBnZncv5m6RUxtB/AAR0UA4O8HmbBQO5DhEBBVORGyUO+G8w+7WysZCa5WrbA6xM1pKmmCjiFZRU8RG0GBhsNBiZXc2EpMN6u5mx8v8fjCZr3fm/w4zz5ttZjdAY51McjpJK8lSkk6SYneDe6rp5Gj12uLa+aTff/KXYtiuWq/sHHciSS/Jw0lWyyIvt5MrK89u/rb++P1vXe7c98HKM4tzvciRrc2NJ7bfP/vmx2ceuvLlNz+dLXI63b9d1+wVY7a1i+TWwyj2P1G06+4B/8a51z/6dpD725LcO8x/J2Wqm/f2pWOrnTz43kHHvvPzV3fMs6/A7PX7ncH/wF4faJwySTdFuZykWi7L5eXqM/x3rePlKxcvvbb00sXLF16se6QCZqWbbDz26cInJ/bk/8dWlX/g6Brk/6lz178fLG+3JjrFwqz7BByyO6vZIP9Lz199IJPnH7hByT80l/xDc8k/NJf8Q3PJPzSX/MMR9PVo3tnZ0BvbTP6hueQfjrhjB++Sf2iu3fkHAJqlv1D3G8hAXeoefwAAAAAAAAAAAAAAAAAAgP2uLa6d35nmVfPzd5OtR5O0x9VvDX+POLlp+Pf4r8Wg2V+K6rCpPHf3lCeY0oc1v3198w/11v/irnrrX72Q9N5Icqrd3v/8FaPnb3K3/MP+zgtTFviPij3rjzw93/p7/XG93vpn1pPPBuPPqRTZd//L3D6cjx9/uru/YnlCr/4+5QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmz8DAAD//25Tbg4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000180)='2', 0x1, 0xfecc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x80)
fallocate(r1, 0x8, 0x4000, 0x4000)

0s ago: executing program 5 (id=6615):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000000201010300000000000000000a0000010c0019"], 0x50}, 0x1, 0x0, 0x0, 0x904}, 0x80088c0)

kernel console output (not intermixed with test programs):

syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  137.078864][   T29] audit: type=1326 audit(136.985:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.4.4255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  137.101798][   T29] audit: type=1326 audit(136.985:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.4.4255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  137.124799][   T29] audit: type=1326 audit(137.035:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.4.4255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  137.156332][T13169] EXT4-fs: Ignoring removed nobh option
[  137.171113][T13169] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.4261: iget: bad i_size value: 38620345925642
[  137.171508][T13170] ext2: Unknown parameter 'func'
[  137.240585][T13169] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.4261: couldn't read orphan inode 15 (err -117)
[  137.253791][T13166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.293459][ T3324] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  137.328994][T13169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.353284][ T3324] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  137.368194][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.380867][T13169] EXT4-fs (loop6): shut down requested (2)
[  137.391841][T13169] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  137.410304][T13169] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  137.419469][T13169] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  137.439478][T13169] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  137.452520][T13180] 9pnet: p9_errstr2errno: server reported unknown error 
[  137.480840][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.545298][T13198] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  137.571051][T13198] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  137.584225][T13197] Quota error (device loop6): v2_read_file_info: Free block number 1 out of range (1, 6).
[  137.612485][T13197] EXT4-fs warning (device loop6): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  137.629571][T13197] EXT4-fs (loop6): mount failed
[  137.651744][T13210] netlink: 144 bytes leftover after parsing attributes in process `syz.0.4279'.
[  137.681318][   T29] audit: type=1326 audit(137.655:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13212 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448b16f749 code=0x7ffc0000
[  137.713623][T13213] ±ÿ: renamed from team_slave_1 (while UP)
[  137.740170][   T29] audit: type=1326 audit(137.665:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13212 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448b16f749 code=0x7ffc0000
[  137.763479][T13160] bio_check_eod: 168671 callbacks suppressed
[  137.763496][T13160] syz.2.4259: attempt to access beyond end of device
[  137.763496][T13160] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  137.787419][T13160] syz.2.4259: attempt to access beyond end of device
[  137.787419][T13160] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128
[  137.800995][T13160] syz.2.4259: attempt to access beyond end of device
[  137.800995][T13160] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128
[  137.814433][T13160] buffer_io_error: 166272 callbacks suppressed
[  137.814452][T13160] Buffer I/O error on dev loop2, logical block 2067, async page read
[  137.829148][T13160] syz.2.4259: attempt to access beyond end of device
[  137.829148][T13160] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128
[  137.842516][T13160] Buffer I/O error on dev loop2, logical block 2068, async page read
[  137.851425][T13160] syz.2.4259: attempt to access beyond end of device
[  137.851425][T13160] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128
[  137.864783][T13160] Buffer I/O error on dev loop2, logical block 2069, async page read
[  137.883458][T13160] syz.2.4259: attempt to access beyond end of device
[  137.883458][T13160] loop2: rw=0, sector=2070, nr_sectors = 1 limit=128
[  137.896831][T13160] Buffer I/O error on dev loop2, logical block 2070, async page read
[  137.910687][T13160] syz.2.4259: attempt to access beyond end of device
[  137.910687][T13160] loop2: rw=0, sector=2071, nr_sectors = 1 limit=128
[  137.924076][T13160] Buffer I/O error on dev loop2, logical block 2071, async page read
[  137.938470][T13160] syz.2.4259: attempt to access beyond end of device
[  137.938470][T13160] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  137.951824][T13160] Buffer I/O error on dev loop2, logical block 2072, async page read
[  137.999695][T13237] netlink: 'syz.2.4292': attribute type 6 has an invalid length.
[  138.022222][T13238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.069042][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.078637][T13249] bridge1: entered promiscuous mode
[  138.084015][T13249] bridge1: entered allmulticast mode
[  138.092569][T13251] netlink: 'syz.6.4297': attribute type 29 has an invalid length.
[  138.102382][T13249] team0: Port device bridge1 added
[  138.114274][T13249] bridge0: port 3(team0) entered blocking state
[  138.120770][T13249] bridge0: port 3(team0) entered disabled state
[  138.127430][T13249] team0: entered allmulticast mode
[  138.132618][T13249] team_slave_0: entered allmulticast mode
[  138.138416][T13249] ±ÿ: entered allmulticast mode
[  138.146798][T13249] team0: entered promiscuous mode
[  138.152066][T13249] team_slave_0: entered promiscuous mode
[  138.157882][T13249] ±ÿ: entered promiscuous mode
[  138.199092][T13260] lo speed is unknown, defaulting to 1000
[  138.317667][T13275] netlink: 'syz.2.4307': attribute type 1 has an invalid length.
[  138.412527][T13285] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4313'.
[  138.421672][T13285] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4313'.
[  138.701588][T13314] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4325'.
[  138.911280][T13347] lo speed is unknown, defaulting to 1000
[  139.307927][T13378] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  139.307927][T13378]    program syz.4.4353 not setting count and/or reply_len properly
[  139.414138][T13392] lo speed is unknown, defaulting to 1000
[  139.687195][T13405] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4366'.
[  139.741602][T13409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.750351][T13409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.796452][T13417] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  139.808281][T13419] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  139.808281][T13419]    program syz.0.4374 not setting count and/or reply_len properly
[  139.866307][T13427] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  139.892835][T13429] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4379'.
[  139.903064][T13429] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  139.955741][T13437] set_capacity_and_notify: 9 callbacks suppressed
[  139.955759][T13437] loop5: detected capacity change from 0 to 512
[  139.968747][T13433] loop0: detected capacity change from 0 to 8192
[  139.981617][T13437] EXT4-fs warning (device loop5): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  139.996884][T13437] EXT4-fs (loop5): mount failed
[  140.188390][T13462] bridge2: entered promiscuous mode
[  140.193735][T13462] bridge2: entered allmulticast mode
[  140.198027][T13464] rdma_op ffff88810a01b580 conn xmit_rdma 0000000000000000
[  140.213512][T13462] team0: Port device bridge2 added
[  140.234857][T13462] bridge0: port 3(team0) entered blocking state
[  140.241478][T13462] bridge0: port 3(team0) entered disabled state
[  140.278428][T13462] team0: entered allmulticast mode
[  140.283640][T13462] team_slave_0: entered allmulticast mode
[  140.289437][T13462] team_slave_1: entered allmulticast mode
[  140.305353][T13462] team0: entered promiscuous mode
[  140.310519][T13462] team_slave_0: entered promiscuous mode
[  140.316381][T13462] team_slave_1: entered promiscuous mode
[  140.368918][T13488] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  140.399938][T13494] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4404'.
[  140.472611][T13504] xt_connbytes: Forcing CT accounting to be enabled
[  140.480451][T13504] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not filter
[  140.501125][T13506] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4414'.
[  140.510246][T13506] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4414'.
[  140.625448][T13522] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  140.795741][T13538] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4430'.
[  140.836123][T13542] rdma_op ffff88810a01a180 conn xmit_rdma 0000000000000000
[  141.110906][T13554] loop2: detected capacity change from 0 to 8192
[  141.432754][T13605] loop0: detected capacity change from 0 to 512
[  141.460842][T13605] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  141.486832][T13605] EXT4-fs (loop0): mount failed
[  141.766152][T13670] loop6: detected capacity change from 0 to 512
[  141.773566][T13670] EXT4-fs: Ignoring removed bh option
[  141.781527][T13670] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  141.799385][T13670] EXT4-fs (loop6): 1 truncate cleaned up
[  141.809858][T13670] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.837120][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.953043][T13699] loop0: detected capacity change from 0 to 128
[  142.071993][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  142.072008][   T29] audit: type=1400 audit(142.055:3340): avc:  denied  { mounton } for  pid=13718 comm="syz.0.4516" path="/proc/1939/task" dev="proc" ino=37650 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  142.104399][T13717] netlink: 'syz.5.4515': attribute type 178 has an invalid length.
[  142.113594][   T29] audit: type=1400 audit(142.095:3341): avc:  denied  { associate } for  pid=13723 comm="syz.0.4516" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  142.169602][   T29] audit: type=1400 audit(142.145:3342): avc:  denied  { associate } for  pid=13728 comm="syz.0.4520" name="/" dev="cgroup2" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  142.212978][   T29] audit: type=1400 audit(142.185:3343): avc:  denied  { accept } for  pid=13730 comm="syz.6.4522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.232117][   T29] audit: type=1400 audit(142.185:3344): avc:  denied  { unmount } for  pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  142.370742][T13753] loop4: detected capacity change from 0 to 1024
[  142.390755][T13753] EXT4-fs: Ignoring removed i_version option
[  142.398658][   T12] tipc: Subscription rejected, illegal request
[  142.400491][T13753] journal_path: Non-blockdev passed as './file1'
[  142.411462][T13753] EXT4-fs: error: could not find journal device path
[  142.486830][T13772] loop0: detected capacity change from 0 to 512
[  142.493712][T13772] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.497219][T13774] loop6: detected capacity change from 0 to 2048
[  142.511950][T13772] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.4540: invalid block
[  142.521234][T13772] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4540: invalid indirect mapped block 4294967295 (level 1)
[  142.538391][T13772] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4540: invalid indirect mapped block 4294967295 (level 1)
[  142.538689][T13772] EXT4-fs (loop0): 2 truncates cleaned up
[  142.561738][T13774]  loop6: p1 < > p4
[  142.561868][T13772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.566757][T13774] loop6: p4 size 8388608 extends beyond EOD, truncated
[  142.608950][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.752639][T13794] __nla_validate_parse: 6 callbacks suppressed
[  142.752658][T13794] netlink: 172 bytes leftover after parsing attributes in process `syz.4.4549'.
[  142.785565][T13793] loop6: detected capacity change from 0 to 128
[  142.830724][T13796] EXT4-fs: Ignoring removed bh option
[  142.836487][T13796] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  142.856988][T13796] EXT4-fs (loop5): 1 truncate cleaned up
[  142.887953][T13796] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.940283][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.083939][   T29] audit: type=1326 audit(143.065:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  143.106995][   T29] audit: type=1326 audit(143.065:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  143.130591][   T29] audit: type=1326 audit(143.115:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  143.153805][   T29] audit: type=1326 audit(143.115:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  143.176730][   T29] audit: type=1326 audit(143.115:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13829 comm="syz.4.4567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  143.225617][T13830] isofs_fill_super: root inode is not a directory. Corrupted media?
[  143.236927][T13836] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.303217][ T3329] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.391247][T13855] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4578'.
[  143.511187][T13880] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.533391][T13880] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.4589: invalid block
[  143.545830][T13880] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4589: invalid indirect mapped block 4294967295 (level 1)
[  143.560767][T13880] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4589: invalid indirect mapped block 4294967295 (level 1)
[  143.575354][T13880] EXT4-fs (loop6): 2 truncates cleaned up
[  143.581468][T13879] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13879 comm=syz.2.4590
[  143.581681][T13880] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.594156][T13879] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13879 comm=syz.2.4590
[  143.662189][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.733043][T13891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  143.755309][T13891] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  143.803363][T13908] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4601'.
[  143.812853][T13908] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  143.828857][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  144.085568][T13945] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  144.114805][T13945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.141762][T13945] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4630: bg 0: block 18: invalid block bitmap
[  144.168412][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.543324][T14002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  144.547498][T14002] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  144.595129][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  144.663214][T14017] vhci_hcd: invalid port number 96
[  144.668379][T14017] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  144.699667][T14023] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  144.725704][T14023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.784606][T14023] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4656: bg 0: block 18: invalid block bitmap
[  144.854408][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.008807][ T3508] kernel read not supported for file /2070/net/mcfilter6 (pid: 3508 comm: kworker/0:8)
[  145.071109][T14073] set_capacity_and_notify: 11 callbacks suppressed
[  145.071130][T14073] loop5: detected capacity change from 0 to 8192
[  145.126159][T14085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4677'.
[  145.264472][ T3406] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.508789][T14131] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  145.548317][T14136] loop0: detected capacity change from 0 to 512
[  145.564076][T14138] loop4: detected capacity change from 0 to 128
[  145.584459][T14136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.623891][T14136] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #2: comm syz.0.4715: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  145.673064][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.714231][T14148] IPv6: NLM_F_CREATE should be specified when creating new route
[  145.787559][T14155] netlink: 'syz.4.4713': attribute type 1 has an invalid length.
[  145.787583][T14155] netlink: 'syz.4.4713': attribute type 2 has an invalid length.
[  145.787603][T14155] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4713'.
[  146.092229][T14175] loop2: detected capacity change from 0 to 128
[  146.131806][T14177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4724'.
[  146.140989][T14177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4724'.
[  146.264519][T14179] loop0: detected capacity change from 0 to 764
[  146.282999][T14179] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  146.319285][T14179] Symlink component flag not implemented
[  146.340211][T14179] Symlink component flag not implemented (7)
[  147.290158][ T3577] Bluetooth: hci0: command 0x1003 tx timeout
[  147.296226][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  147.324531][T14208] loop2: detected capacity change from 0 to 512
[  147.332292][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  147.332306][   T29] audit: type=1400 audit(147.315:3574): avc:  denied  { read write } for  pid=14206 comm="syz.6.4736" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  147.334240][T14208] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  147.338726][   T29] audit: type=1400 audit(147.315:3575): avc:  denied  { open } for  pid=14206 comm="syz.6.4736" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  147.370994][T14209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.401354][   T29] audit: type=1400 audit(147.355:3576): avc:  denied  { ioctl } for  pid=14206 comm="syz.6.4736" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  147.402442][T14208] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  147.426300][T14209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.435292][T14208] System zones: 1-12
[  147.464828][T14208] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.4746: corrupted in-inode xattr: e_value size too large
[  147.480685][T14208] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4746: couldn't read orphan inode 15 (err -117)
[  147.493456][T14208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.512489][T14215] loop4: detected capacity change from 0 to 512
[  147.525722][   T29] audit: type=1400 audit(147.505:3577): avc:  denied  { add_name } for  pid=14204 comm="syz.2.4746" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  147.533770][T14217] loop0: detected capacity change from 0 to 128
[  147.567524][   T29] audit: type=1400 audit(147.505:3578): avc:  denied  { create } for  pid=14204 comm="syz.2.4746" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  147.619496][   T29] audit: type=1400 audit(147.595:3579): avc:  denied  { write open } for  pid=14204 comm="syz.2.4746" path="/990/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  147.684900][   T29] audit: type=1400 audit(147.595:3580): avc:  denied  { create } for  pid=14204 comm="syz.2.4746" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  147.727502][   T29] audit: type=1400 audit(147.595:3581): avc:  denied  { create } for  pid=14204 comm="syz.2.4746" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  147.771733][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.772146][T14215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.813419][   T29] audit: type=1400 audit(147.785:3582): avc:  denied  { audit_write } for  pid=14223 comm="syz.0.4740" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  147.834114][   T29] audit: type=1107 audit(147.785:3583): pid=14223 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='Ö¤N'
[  147.851952][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.165273][T14258] loop6: detected capacity change from 0 to 128
[  148.254740][T14107] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  148.604234][T14321] loop5: detected capacity change from 0 to 512
[  148.620742][T14321] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4786: inode has both inline data and extents flags
[  148.634193][T14321] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4786: couldn't read orphan inode 15 (err -117)
[  148.646588][T14321] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.660906][T14321] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 1057052516 > max in inode 18
[  148.699250][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.763096][T14339] EXT4-fs: Ignoring removed nomblk_io_submit option
[  148.772074][T14339] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  148.780482][T14339] System zones: 0-1, 3-36
[  148.786031][T14339] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.904207][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.144039][T14362] EXT4-fs warning (device loop5): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  149.163676][T14362] EXT4-fs (loop5): mount failed
[  149.196333][T14371] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4808'.
[  149.271682][T14381] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.298902][T14376]  loop0: p2 p3 p7
[  149.303149][T14389] netlink: '+}[@': attribute type 1 has an invalid length.
[  149.310528][T14389] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  149.392982][T14399] batadv_slave_0: entered promiscuous mode
[  149.524010][T14413] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  149.663379][T14426] EXT4-fs (loop0): failed to initialize system zone (-117)
[  149.670905][T14426] EXT4-fs (loop0): mount failed
[  149.752970][T14439] IPv6: NLM_F_CREATE should be specified when creating new route
[  149.913470][T14459] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  149.960287][T14459] EXT4-fs (loop0): 1 truncate cleaned up
[  149.975878][T14459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.992926][T14459] EXT4-fs (loop0): shut down requested (0)
[  150.008164][T14459] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  150.031561][T14459] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  150.086292][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.118958][   T37] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  150.134161][   T37] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1696 with error 28
[  150.146740][   T37] EXT4-fs (loop6): This should not happen!! Data will be lost
[  150.146740][   T37] 
[  150.156511][   T37] EXT4-fs (loop6): Total free blocks count 0
[  150.162569][   T37] EXT4-fs (loop6): Free/Dirty block details
[  150.168533][   T37] EXT4-fs (loop6): free_blocks=2415919504
[  150.174311][   T37] EXT4-fs (loop6): dirty_blocks=1712
[  150.179668][   T37] EXT4-fs (loop6): Block reservation details
[  150.185791][   T37] EXT4-fs (loop6): i_reserved_data_blocks=107
[  150.202557][  T312] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  150.351204][T14496] usb usb6: usbfs: process 14496 (syz.5.4866) did not claim interface 0 before use
[  150.555037][T14517] set_capacity_and_notify: 6 callbacks suppressed
[  150.555052][T14517] loop5: detected capacity change from 0 to 512
[  150.594390][T14517] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  150.610849][T14517] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  150.837091][T14539] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4882'.
[  150.854785][T14539] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  150.951665][T14551] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125
[  151.026989][T14563] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  151.035308][T14563] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  151.084423][T14567] hub 6-0:1.0: USB hub found
[  151.089207][T14567] hub 6-0:1.0: 8 ports detected
[  151.173997][T14585] xt_hashlimit: max too large, truncated to 1048576
[  151.316863][T14603] loop4: detected capacity change from 0 to 512
[  151.324454][T14603] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  151.347538][T14609] loop6: detected capacity change from 0 to 512
[  151.369390][T14603] syz.4.4915: attempt to access beyond end of device
[  151.369390][T14603] loop4: rw=2049, sector=656, nr_sectors = 32 limit=512
[  151.383226][T14603] syz.4.4915: attempt to access beyond end of device
[  151.383226][T14603] loop4: rw=2049, sector=720, nr_sectors = 32 limit=512
[  151.397361][T14603] syz.4.4915: attempt to access beyond end of device
[  151.397361][T14603] loop4: rw=2049, sector=784, nr_sectors = 32 limit=512
[  151.412333][T14603] syz.4.4915: attempt to access beyond end of device
[  151.412333][T14603] loop4: rw=2049, sector=848, nr_sectors = 32 limit=512
[  151.446862][T14619] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4921'.
[  151.459121][T14623] loop2: detected capacity change from 0 to 256
[  151.469923][T14609] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.517361][T14609] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.4918: corrupted inode contents
[  151.537650][T14609] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.4918: mark_inode_dirty error
[  151.559402][T14609] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.4918: corrupted inode contents
[  151.580488][T14609] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.4918: mark_inode_dirty error
[  151.657739][T14609] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  151.717061][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.731821][T14646] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  151.914898][T14672] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  151.998040][T14674] loop0: detected capacity change from 0 to 1024
[  152.005000][T14674] EXT4-fs: Ignoring removed orlov option
[  152.080353][T14685] loop6: detected capacity change from 0 to 1024
[  152.087172][T14685] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.098903][T14685] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  152.130272][T14685] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  152.147141][T14685] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #11: comm syz.6.4952: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  152.152683][T14688] netlink: 'syz.0.4953': attribute type 10 has an invalid length.
[  152.180818][T14685] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.4952: couldn't read orphan inode 11 (err -117)
[  152.194303][T14688] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.213954][T14696] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4956'.
[  152.223421][T14685] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4952: Invalid block bitmap block 0 in block_group 0
[  152.240361][T14685] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.4952: Failed to acquire dquot type 0
[  152.260612][T14688] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.267747][T14688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.278813][T14688] bridge0: entered promiscuous mode
[  152.284310][T14688] bridge0: entered allmulticast mode
[  152.291033][T14688] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  152.400349][T14710] bridge_slave_1: entered promiscuous mode
[  152.445996][   T29] kauditd_printk_skb: 291 callbacks suppressed
[  152.446085][   T29] audit: type=1326 audit(152.425:3872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.498300][   T29] audit: type=1326 audit(152.425:3873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.504219][T14718] loop2: detected capacity change from 0 to 128
[  152.521279][   T29] audit: type=1326 audit(152.425:3874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.521346][   T29] audit: type=1326 audit(152.425:3875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.521378][   T29] audit: type=1326 audit(152.425:3876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.577699][T14718] FAT-fs (loop2): Directory bread(block 32) failed
[  152.597244][   T29] audit: type=1326 audit(152.455:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14711 comm="syz.2.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8726f749 code=0x7ffc0000
[  152.605623][T14716] loop5: detected capacity change from 0 to 4096
[  152.630139][T14718] FAT-fs (loop2): Directory bread(block 33) failed
[  152.643326][T14718] FAT-fs (loop2): Directory bread(block 34) failed
[  152.660149][T14718] FAT-fs (loop2): Directory bread(block 35) failed
[  152.667228][T14718] FAT-fs (loop2): Directory bread(block 36) failed
[  152.673865][T14718] FAT-fs (loop2): Directory bread(block 37) failed
[  152.680640][T14718] FAT-fs (loop2): Directory bread(block 38) failed
[  152.687248][T14718] FAT-fs (loop2): Directory bread(block 39) failed
[  152.694154][T14718] FAT-fs (loop2): Directory bread(block 40) failed
[  152.701244][T14718] FAT-fs (loop2): Directory bread(block 41) failed
[  152.751491][T14723] loop5: detected capacity change from 0 to 2048
[  152.786689][T14723] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4968: bg 0: block 345: padding at end of block bitmap is not set
[  152.810353][T14723] EXT4-fs (loop5): Remounting filesystem read-only
[  152.817183][T14723] EXT4-fs warning (device loop5): ext4_xattr_inode_lookup_create:1606: inode #18: comm syz.5.4968: cleanup dec ref error -117
[  152.968205][   T29] audit: type=1400 audit(152.935:3878): avc:  denied  { read } for  pid=14741 comm="syz.2.4975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  152.995939][   T29] audit: type=1326 audit(152.965:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14743 comm="syz.5.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  153.019138][   T29] audit: type=1326 audit(152.965:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14743 comm="syz.5.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  153.042300][   T29] audit: type=1326 audit(152.965:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14743 comm="syz.5.4977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  153.089227][T14748] loop5: detected capacity change from 0 to 1024
[  153.099509][T14748] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  153.117978][T14748] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  153.130632][T14748] EXT4-fs (loop5): orphan cleanup on readonly fs
[  153.151382][T14748] EXT4-fs error (device loop5): ext4_free_blocks:6728: comm syz.5.4979: Freeing blocks not in datazone - block = 0, count = 4096
[  153.203732][T14748] EXT4-fs (loop5): 1 orphan inode deleted
[  153.319089][T14768] lo speed is unknown, defaulting to 1000
[  153.418753][T14768] msdos: Unknown parameter 'A'
[  153.429849][T14777] bond1: entered promiscuous mode
[  153.435045][T14777] bond1: entered allmulticast mode
[  153.463321][T14777] 8021q: adding VLAN 0 to HW filter on device bond1
[  153.487872][T14777] bond1 (unregistering): Released all slaves
[  153.652214][T14797] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5002'.
[  153.743289][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  153.832894][T14822] EXT4-fs: Ignoring removed bh option
[  153.869498][T14822] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  153.907526][T14830] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  153.907928][T14822] EXT4-fs (loop0): 1 truncate cleaned up
[  154.237814][T14877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5039'.
[  154.326641][T14887] netlink: 'syz.6.5044': attribute type 6 has an invalid length.
[  154.365778][T14893] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  154.405577][T14899] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5050'.
[  154.448358][T14903] IPv6: NLM_F_CREATE should be specified when creating new route
[  154.636123][T14941] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  154.650118][T14941] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  154.769398][T14959] EXT4-fs (loop5): 1 truncate cleaned up
[  154.834086][T14968] netlink: 'syz.5.5083': attribute type 1 has an invalid length.
[  154.897598][T14973] netlink: 664 bytes leftover after parsing attributes in process `syz.5.5085'.
[  155.342020][T14995] EXT4-fs (loop4): failed to initialize system zone (-117)
[  155.349332][T14995] EXT4-fs (loop4): mount failed
[  155.424191][T15005] netlink: 'syz.4.5098': attribute type 3 has an invalid length.
[  155.707408][T15014] ------------[ cut here ]------------
[  155.712984][T15014] WARNING: mm/page_alloc.c:5186 at __alloc_frozen_pages_noprof+0x21a/0x360, CPU#0: syz.6.5102/15014
[  155.723968][T15014] Modules linked in:
[  155.728075][T15014] CPU: 0 UID: 0 PID: 15014 Comm: syz.6.5102 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  155.739526][T15014] Tainted: [W]=WARN
[  155.743423][T15014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  155.753607][T15014] RIP: 0010:__alloc_frozen_pages_noprof+0x21a/0x360
[  155.760267][T15014] Code: ff ff 83 3d df 1a 4f 05 02 0f 82 4f ff ff ff 48 83 b8 e0 fb ff ff 00 0f 85 41 ff ff ff e9 42 ff ff ff c6 05 56 1d 4b 05 01 90 <0f> 0b 90 31 c0 eb 89 f7 c1 00 00 08 00 75 58 44 89 f6 81 e6 7f ff
[  155.780138][T15014] RSP: 0018:ffffc90005d7bb88 EFLAGS: 00010246
[  155.781061][ T3577] Bluetooth: hci0: command 0x1003 tx timeout
[  155.786265][T15014] RAX: eb1b6dc6b4588600 RBX: 0000000000000013 RCX: 0000000000000000
[  155.786285][T15014] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0
[  155.786303][T15014] RBP: 0000000000000000 R08: 0001ffff88ef3fd5 R09: 0000000000000000
[  155.792403][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  155.800583][T15014] R10: 0000000000000006 R11: 0000000000000002 R12: ffffffff88ef3fd4
[  155.800602][T15014] R13: 0000000000000001 R14: 0000000000040cc0 R15: 0000000000000000
[  155.800615][T15014] FS:  00007f4489bd76c0(0000) GS:ffff8882aedc6000(0000) knlGS:0000000000000000
[  155.800633][T15014] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  155.800654][T15014] CR2: 00007f4489bd5fe0 CR3: 000000011d490000 CR4: 00000000003506f0
[  155.862555][T15014] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  155.870638][T15014] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  155.878631][T15014] Call Trace:
[  155.881962][T15014]  <TASK>
[  155.884924][T15014]  alloc_pages_mpol+0xb3/0x260
[  155.889772][T15014]  alloc_frozen_pages_noprof+0x90/0x110
[  155.895419][T15014]  ___kmalloc_large_node+0x3f/0xf0
[  155.900843][T15014]  __kmalloc_large_node_noprof+0x16/0xa0
[  155.906782][T15014]  __kmalloc_noprof+0x35a/0x5a0
[  155.911799][T15014]  ? raw_ioctl+0xfb8/0x1cd0
[  155.916347][T15014]  raw_ioctl+0xfb8/0x1cd0
[  155.920751][T15014]  ? ioctl_has_perm+0x255/0x2a0
[  155.925635][T15014]  ? do_vfs_ioctl+0x866/0xe10
[  155.930472][T15014]  ? selinux_file_ioctl+0x308/0x3a0
[  155.935760][T15014]  ? __fget_files+0x184/0x1c0
[  155.940641][T15014]  ? __pfx_raw_ioctl+0x10/0x10
[  155.945497][T15014]  __se_sys_ioctl+0xce/0x140
[  155.950186][T15014]  __x64_sys_ioctl+0x43/0x50
[  155.954942][T15014]  x64_sys_call+0x14b0/0x3000
[  155.959672][T15014]  do_syscall_64+0xd8/0x2a0
[  155.964305][T15014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.970279][T15014] RIP: 0033:0x7f448b16f749
[  155.974788][T15014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.994529][T15014] RSP: 002b:00007f4489bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.002992][T15014] RAX: ffffffffffffffda RBX: 00007f448b3c5fa0 RCX: 00007f448b16f749
[  156.011085][T15014] RDX: 00002000000000c0 RSI: 00000000c0085508 RDI: 0000000000000003
[  156.019121][T15014] RBP: 00007f448b1f3f91 R08: 0000000000000000 R09: 0000000000000000
[  156.027132][T15014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  156.035132][T15014] R13: 00007f448b3c6038 R14: 00007f448b3c5fa0 R15: 00007ffe3990bf38
[  156.043174][T15014]  </TASK>
[  156.046313][T15014] ---[ end trace 0000000000000000 ]---
[  156.592980][T15070] vlan2: entered allmulticast mode
[  156.598315][T15070] bridge0: port 3(vlan2) entered blocking state
[  156.604744][T15070] bridge0: port 3(vlan2) entered disabled state
[  156.660852][T15070] vlan2: entered promiscuous mode
[  156.663612][T15074] set_capacity_and_notify: 6 callbacks suppressed
[  156.663628][T15074] loop4: detected capacity change from 0 to 2048
[  156.724371][T14806] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  156.927117][T15088] loop0: detected capacity change from 0 to 8192
[  156.996760][T15088] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[  156.996816][T15088] FAT-fs (loop0): Filesystem has been set read-only
[  156.996850][T15088] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 2068)
[  157.036962][T15101] netem: change failed
[  157.206986][T15133] loop0: detected capacity change from 0 to 512
[  157.218403][T15132] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15132 comm=syz.6.5157
[  157.231077][T15132] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15132 comm=syz.6.5157
[  157.244192][T15133] EXT4-fs: Ignoring removed oldalloc option
[  157.307759][T15146] EXT4-fs (loop0): shut down requested (1)
[  157.346661][T15152] vhci_hcd: invalid port number 9
[  157.351903][T15152] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  157.375600][T15155] loop2: detected capacity change from 0 to 512
[  157.395854][T15155] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.5167: error while reading EA inode 32 err=-116
[  157.412522][T15155] EXT4-fs (loop2): Remounting filesystem read-only
[  157.419075][T15155] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  157.429910][T15155] EXT4-fs (loop2): 1 orphan inode deleted
[  157.464585][T15169] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  157.490585][T15171] xt_hashlimit: max too large, truncated to 1048576
[  157.503798][   T29] kauditd_printk_skb: 178 callbacks suppressed
[  157.503815][   T29] audit: type=1400 audit(157.485:4060): avc:  denied  { mounton } for  pid=15172 comm="syz.2.5177" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=77 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  157.537141][T15171] No such timeout policy "syz1"
[  157.544239][   T29] audit: type=1400 audit(157.485:4061): avc:  denied  { mount } for  pid=15172 comm="syz.2.5177" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  157.565638][   T29] audit: type=1400 audit(157.515:4062): avc:  denied  { mounton } for  pid=15172 comm="syz.2.5177" path="/syzcgroup/unified/syz2" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  157.570103][T15175] 9pnet: Could not find request transport: tcitch
[  157.588364][   T29] audit: type=1400 audit(157.525:4063): avc:  denied  { module_request } for  pid=15174 comm="syz.0.5179" kmod="9p-tcitch" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  157.655962][   T29] audit: type=1400 audit(157.635:4064): avc:  denied  { append } for  pid=15182 comm="syz.0.5181" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  157.682759][T15183] program syz.0.5181 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  157.735682][   T29] audit: type=1400 audit(157.715:4065): avc:  denied  { execmem } for  pid=15193 comm="syz.4.5185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  157.775219][T15198] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5187'.
[  157.815664][   T29] audit: type=1400 audit(157.795:4066): avc:  denied  { create } for  pid=15201 comm="syz.6.5189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  157.851968][   T29] audit: type=1400 audit(157.815:4067): avc:  denied  { ioctl } for  pid=15201 comm="syz.6.5189" path="socket:[44272]" dev="sockfs" ino=44272 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  157.876244][   T29] audit: type=1400 audit(157.815:4068): avc:  denied  { write } for  pid=15201 comm="syz.6.5189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  157.938586][T15194] lo speed is unknown, defaulting to 1000
[  157.956059][T15211] loop0: detected capacity change from 0 to 1024
[  157.970436][T15211] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.985020][   T29] audit: type=1400 audit(157.965:4069): avc:  denied  { read write } for  pid=15210 comm="syz.0.5193" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  158.055742][T15227] loop4: detected capacity change from 0 to 1024
[  158.062673][T15227] EXT4-fs: Ignoring removed nomblk_io_submit option
[  158.107793][T15233] SELinux: failed to load policy
[  158.169706][T15238] loop6: detected capacity change from 0 to 512
[  158.243089][T15238] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  158.280446][T15238] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  158.292776][T15238] EXT4-fs (loop6): This should not happen!! Data will be lost
[  158.292776][T15238] 
[  158.302476][T15238] EXT4-fs (loop6): Total free blocks count 0
[  158.308472][T15238] EXT4-fs (loop6): Free/Dirty block details
[  158.314414][T15238] EXT4-fs (loop6): free_blocks=65280
[  158.319814][T15238] EXT4-fs (loop6): dirty_blocks=31
[  158.325190][T15238] EXT4-fs (loop6): Block reservation details
[  158.331241][T15238] EXT4-fs (loop6): i_reserved_data_blocks=31
[  158.369954][   T52] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  158.382330][   T52] EXT4-fs (loop6): This should not happen!! Data will be lost
[  158.382330][   T52] 
[  158.622881][T15293] loop0: detected capacity change from 0 to 512
[  158.634444][T15296] loop6: detected capacity change from 0 to 512
[  158.643346][T15296] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.5227: bg 0: block 16: invalid block bitmap
[  158.656295][T15296] EXT4-fs (loop6): Remounting filesystem read-only
[  158.663107][T15296] EXT4-fs (loop6): 1 truncate cleaned up
[  158.670353][T15293] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  158.695469][T15293] EXT4-fs (loop0): orphan cleanup on readonly fs
[  158.705196][T15293] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.5226: corrupted inode contents
[  158.718155][T15293] EXT4-fs (loop0): Remounting filesystem read-only
[  158.725954][T15293] EXT4-fs (loop0): 1 truncate cleaned up
[  158.731770][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  158.742370][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  158.753275][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  158.822238][T15308] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5231'.
[  158.875578][T15315] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  158.891579][T15317] loop0: detected capacity change from 0 to 2048
[  158.906515][T15317] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.5235: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  158.981081][T15327]  loop6: p1 < > p4
[  158.986556][T15327] loop6: p4 size 8388608 extends beyond EOD, truncated
[  159.237217][T15351] rdma_op ffff88811c001d80 conn xmit_rdma 0000000000000000
[  159.317046][T15365] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  159.329637][T15367] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5258'.
[  159.389899][T15375] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5262'.
[  159.536590][T15395] siw: device registration error -23
[  159.618785][T15410] xfrm0: entered promiscuous mode
[  159.691671][T15422] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  159.699059][T15422] vhci_hcd: invalid port number 253
[  159.800191][T15428] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  159.857502][T15434] netlink: 48 bytes leftover after parsing attributes in process `gtp'.
[  159.961649][T15454] binfmt_misc: register: failed to install interpreter file ./file0
[  160.012929][T15457] lo speed is unknown, defaulting to 1000
[  160.190743][T15480]  loop0: p1 < > p4
[  160.200453][T15480] loop0: p4 size 8388608 extends beyond EOD, truncated
[  160.238288][T15488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5313'.
[  160.247394][T15488] netlink: 312 bytes leftover after parsing attributes in process `syz.0.5313'.
[  160.256561][T15488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5313'.
[  160.306224][T15498] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  160.354986][T15502] macvtap0: refused to change device tx_queue_len
[  160.368270][   T53] Bluetooth: hci0: Frame reassembly failed (-84)
[  160.608216][T15543] netlink: 256 bytes leftover after parsing attributes in process `syz.5.5338'.
[  160.611139][T15547] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.5339: invalid block
[  160.629757][T15547] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.5339: invalid indirect mapped block 4294967295 (level 1)
[  160.644468][T15547] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.5339: invalid indirect mapped block 4294967295 (level 1)
[  160.678132][T15547] EXT4-fs (loop6): 2 truncates cleaned up
[  160.719334][T15562] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  160.730418][T15562] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  160.741342][T15562] JBD2: no valid journal superblock found
[  160.747127][T15562] EXT4-fs (loop6): Could not load journal inode
[  160.788225][T15569] netdevsim netdevsim2: Direct firmware load for ( failed with error -2
[  160.804111][ T3324] rock: directory entry would overflow storage
[  160.810434][ T3324] rock: sig=0x4f50, size=4, remaining=3
[  160.815997][ T3324] iso9660: Corrupted directory entry in block 2 of inode 1472
[  160.826166][ T3324] iso9660: Corrupted directory entry in block 2 of inode 1472
[  161.202163][T15603] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.5366: Failed to acquire dquot type 0
[  161.220829][T15603] EXT4-fs (loop6): 1 truncate cleaned up
[  161.343830][T15628] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5376'.
[  161.462205][T15636] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.5380: corrupted xattr block 33: bad e_name length
[  161.488897][T15636] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  161.498238][T15636] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.5380: corrupted xattr block 33: bad e_name length
[  161.568598][T15654] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  161.580642][T15654] Symlink component flag not implemented
[  161.586461][T15654] Symlink component flag not implemented (7)
[  161.613015][T15659] netlink: 'syz.6.5389': attribute type 1 has an invalid length.
[  161.620822][T15659] netlink: 'syz.6.5389': attribute type 2 has an invalid length.
[  161.629740][T15659] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5389'.
[  161.678243][T15665] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  161.701923][T15665] Symlink component flag not implemented
[  161.707824][T15665] Symlink component flag not implemented (7)
[  162.410149][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  162.410801][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  162.441656][T15715] netlink: 'syz.0.5413': attribute type 10 has an invalid length.
[  162.491202][T15715] netdevsim netdevsim0 netdevsim1: entered promiscuous mode
[  162.513106][T15715] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[  162.531058][T15715] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  162.573828][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  162.573843][   T29] audit: type=1400 audit(162.554:4317): avc:  denied  { read } for  pid=15723 comm="syz.4.5419" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  162.602499][   T29] audit: type=1400 audit(162.554:4318): avc:  denied  { open } for  pid=15723 comm="syz.4.5419" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  162.626425][   T29] audit: type=1400 audit(162.604:4319): avc:  denied  { write } for  pid=15723 comm="syz.4.5419" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  162.648788][   T29] audit: type=1400 audit(162.604:4320): avc:  denied  { block_suspend } for  pid=15723 comm="syz.4.5419" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  162.736961][   T29] audit: type=1400 audit(162.674:4321): avc:  denied  { create } for  pid=15726 comm="syz.0.5420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  162.756143][   T29] audit: type=1400 audit(162.674:4322): avc:  denied  { shutdown } for  pid=15728 comm="syz.4.5422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.775408][   T29] audit: type=1400 audit(162.674:4323): avc:  denied  { write } for  pid=15726 comm="syz.0.5420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  162.846328][T15745] set_capacity_and_notify: 11 callbacks suppressed
[  162.846350][T15745] loop0: detected capacity change from 0 to 512
[  162.871131][   T29] audit: type=1326 audit(162.854:4324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.5.5417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  162.903081][T15741] team0 (unregistering): Port device team_slave_0 removed
[  162.910442][T15745] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  162.926714][T15749] loop2: detected capacity change from 0 to 512
[  162.933119][T15741] team0 (unregistering): Port device team_slave_1 removed
[  162.951241][T15745] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  162.961742][   T29] audit: type=1326 audit(162.854:4325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.5.5417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  162.984613][   T29] audit: type=1326 audit(162.854:4326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.5.5417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  162.986095][T15749] EXT4-fs mount: 42 callbacks suppressed
[  162.986113][T15749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.017951][T15745] System zones: 1-12
[  163.073005][T15745] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.5429: corrupted in-inode xattr: e_value size too large
[  163.110495][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.152224][T15745] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5429: couldn't read orphan inode 15 (err -117)
[  163.207983][T15745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.285262][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.375430][T15793] loop4: detected capacity change from 0 to 1024
[  163.386020][T15793] EXT4-fs: Ignoring removed nobh option
[  163.391687][T15793] EXT4-fs: Ignoring removed bh option
[  163.418550][T15797] SELinux: failed to load policy
[  163.425467][T15793] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.457781][T15793] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.5449: Allocating blocks 497-513 which overlap fs metadata
[  163.482637][T15793] EXT4-fs (loop4): pa ffff8881004b6620: logic 16, phys. 129, len 24
[  163.490753][T15793] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1
[  163.502797][T15806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.511554][T15806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.533094][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.639017][T15827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.648244][T15827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.073071][T15850] loop4: detected capacity change from 0 to 256
[  164.255351][T15881] loop0: detected capacity change from 0 to 2048
[  164.282130][T15881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.402117][T15901] loop4: detected capacity change from 0 to 512
[  164.487363][T15901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.524095][T15901] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.590404][T15915] pim6reg: entered allmulticast mode
[  164.596569][T15915] pim6reg: left allmulticast mode
[  164.637752][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.668377][T15919] __nla_validate_parse: 3 callbacks suppressed
[  164.668397][T15919] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5506'.
[  164.696070][T15923] loop6: detected capacity change from 0 to 128
[  164.739064][T15923] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  164.836144][ T6404] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  165.369836][T15989] binfmt_misc: register: failed to install interpreter file ./file0
[  165.391899][T15991] loop0: detected capacity change from 0 to 512
[  165.400382][T15991] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.5535: inode has both inline data and extents flags
[  165.413925][T15991] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5535: couldn't read orphan inode 15 (err -117)
[  165.426723][T15991] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.442517][T15991] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 1057052516 > max in inode 18
[  165.464481][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.503371][T16002] loop5: detected capacity change from 0 to 2048
[  165.539154][T16002] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.552909][T16002] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.5539: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  165.569582][T16002] EXT4-fs (loop5): Remounting filesystem read-only
[  165.585393][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.768381][T16022] loop4: detected capacity change from 0 to 1024
[  165.776545][T16022] EXT4-fs: Ignoring removed nomblk_io_submit option
[  165.784647][T16022] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  165.792908][T16022] System zones: 0-1, 3-36
[  165.798174][T16022] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.938950][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.087313][T16056] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5565'.
[  166.134304][T16058] EXT4-fs warning (device loop6): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  166.149970][T16058] EXT4-fs (loop6): mount failed
[  166.377635][T16100]  loop5: p2 p3 p7
[  166.386038][T16104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.513798][T16114] EXT4-fs (loop4): failed to initialize system zone (-117)
[  166.538633][T16114] EXT4-fs (loop4): mount failed
[  166.681653][T16140] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  166.836223][T16164] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  166.864992][T16164] EXT4-fs (loop4): 1 truncate cleaned up
[  166.880612][T16164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.901036][T16166] usb usb6: usbfs: process 16166 (syz.6.5612) did not claim interface 0 before use
[  166.924227][T16164] EXT4-fs (loop4): shut down requested (0)
[  166.932295][T16164] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  166.949290][T16164] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  166.987352][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.110783][T16182] netlink: 'syz.4.5621': attribute type 1 has an invalid length.
[  167.351974][   T53] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  167.385205][   T53] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[  167.397763][   T53] EXT4-fs (loop2): This should not happen!! Data will be lost
[  167.397763][   T53] 
[  167.407506][   T53] EXT4-fs (loop2): Total free blocks count 0
[  167.413560][   T53] EXT4-fs (loop2): Free/Dirty block details
[  167.419466][   T53] EXT4-fs (loop2): free_blocks=2415919504
[  167.425255][   T53] EXT4-fs (loop2): dirty_blocks=2224
[  167.430600][   T53] EXT4-fs (loop2): Block reservation details
[  167.436645][   T53] EXT4-fs (loop2): i_reserved_data_blocks=139
[  167.457241][   T37] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 158 with error 28
[  167.524167][T16213] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5636'.
[  167.534499][T16213] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  167.611013][   T29] kauditd_printk_skb: 245 callbacks suppressed
[  167.611029][   T29] audit: type=1326 audit(167.594:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.677488][   T29] audit: type=1326 audit(167.594:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.700652][   T29] audit: type=1326 audit(167.594:4573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.702320][T16221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  167.723594][   T29] audit: type=1326 audit(167.624:4574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.736794][T16221] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  167.759001][   T29] audit: type=1326 audit(167.624:4575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.791220][   T29] audit: type=1326 audit(167.624:4576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.814254][   T29] audit: type=1326 audit(167.624:4577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.837392][   T29] audit: type=1326 audit(167.624:4578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16218 comm="syz.5.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff9974cf749 code=0x7ffc0000
[  167.933761][T16238] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  167.942131][T16238] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  167.989222][   T29] audit: type=1400 audit(167.964:4579): avc:  denied  { bind } for  pid=16247 comm="syz.4.5651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  168.008239][   T29] audit: type=1400 audit(167.964:4580): avc:  denied  { name_bind } for  pid=16247 comm="syz.4.5651" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  168.034495][T16250] xt_hashlimit: max too large, truncated to 1048576
[  168.037093][T16246] hub 6-0:1.0: USB hub found
[  168.046107][T16246] hub 6-0:1.0: 8 ports detected
[  168.089950][T16259] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5656'.
[  168.179692][T16271] set_capacity_and_notify: 6 callbacks suppressed
[  168.179708][T16271] loop2: detected capacity change from 0 to 512
[  168.207738][T16271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.230370][T16271] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.5662: corrupted inode contents
[  168.242850][T16271] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.5662: mark_inode_dirty error
[  168.254953][T16271] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.5662: corrupted inode contents
[  168.278240][T16271] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.5662: mark_inode_dirty error
[  168.300018][T16271] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  168.316586][T16287] loop6: detected capacity change from 0 to 1024
[  168.323917][T16287] EXT4-fs: Ignoring removed bh option
[  168.329419][T16287] EXT4-fs: inline encryption not supported
[  168.335761][T16287] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  168.346521][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.361904][T16287] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e84ce028, mo2=0000]
[  168.372805][T16287] System zones: 0-1, 3-12
[  168.378399][T16287] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #3: block 1: comm syz.6.5666: lblock 1 mapped to illegal pblock 1 (length 1)
[  168.394181][T16287] EXT4-fs (loop6): Remounting filesystem read-only
[  168.401091][T16287] EXT4-fs (loop6): 1 orphan inode deleted
[  168.407352][T16287] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.431152][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.452897][T16298] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125
[  168.497534][T16306] vhci_hcd: default hub control req: 0314 v001b i0006 l0
[  168.691002][T16341] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  168.795449][T16354] netlink: 'syz.5.5699': attribute type 5 has an invalid length.
[  169.010266][T16382] loop6: detected capacity change from 0 to 1024
[  169.020772][T16382] EXT4-fs: Ignoring removed orlov option
[  169.037539][T16382] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.052538][T16388] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5717'.
[  169.093261][T16394] netlink: 'syz.5.5719': attribute type 10 has an invalid length.
[  169.105568][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.105700][T16394] bridge0: entered promiscuous mode
[  169.119954][T16394] bridge0: entered allmulticast mode
[  169.126231][T16394] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  169.231823][T16412] loop0: detected capacity change from 0 to 512
[  169.242340][T16412] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.265423][T16412] syz.0.5738: attempt to access beyond end of device
[  169.265423][T16412] loop0: rw=2049, sector=656, nr_sectors = 32 limit=512
[  169.279376][T16412] syz.0.5738: attempt to access beyond end of device
[  169.279376][T16412] loop0: rw=2049, sector=720, nr_sectors = 32 limit=512
[  169.294504][T16412] syz.0.5738: attempt to access beyond end of device
[  169.294504][T16412] loop0: rw=2049, sector=784, nr_sectors = 32 limit=512
[  169.308399][T16412] syz.0.5738: attempt to access beyond end of device
[  169.308399][T16412] loop0: rw=2049, sector=848, nr_sectors = 32 limit=512
[  169.485762][T16428] loop2: detected capacity change from 0 to 1764
[  169.490726][T16436] loop0: detected capacity change from 0 to 1024
[  169.498906][T16436] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.536271][T16436] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  169.552754][T16436] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  169.572176][T16436] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.5736: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  169.591173][T16436] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5736: couldn't read orphan inode 11 (err -117)
[  169.605808][T16436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.624141][T16436] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.5736: Invalid block bitmap block 0 in block_group 0
[  169.638067][T16436] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.5736: Failed to acquire dquot type 0
[  169.674248][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.700469][T16443] loop4: detected capacity change from 0 to 256
[  169.896588][T16460] loop4: detected capacity change from 0 to 512
[  169.908586][T16460] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  169.918722][T16460] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  169.926752][T16460] System zones: 1-12
[  169.932530][T16460] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.5749: corrupted in-inode xattr: e_value size too large
[  169.947140][T16460] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5749: couldn't read orphan inode 15 (err -117)
[  169.972292][T16460] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.004000][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.138375][T16478] loop4: detected capacity change from 0 to 128
[  170.160701][T16478] FAT-fs (loop4): Directory bread(block 32) failed
[  170.167267][T16478] FAT-fs (loop4): Directory bread(block 33) failed
[  170.174232][T16478] FAT-fs (loop4): Directory bread(block 34) failed
[  170.181357][T16478] FAT-fs (loop4): Directory bread(block 35) failed
[  170.194982][T16478] FAT-fs (loop4): Directory bread(block 36) failed
[  170.211281][T16478] FAT-fs (loop4): Directory bread(block 37) failed
[  170.251661][T16478] FAT-fs (loop4): Directory bread(block 38) failed
[  170.262241][T16478] FAT-fs (loop4): Directory bread(block 39) failed
[  170.269567][T16478] FAT-fs (loop4): Directory bread(block 40) failed
[  170.276616][T16478] FAT-fs (loop4): Directory bread(block 41) failed
[  170.325018][T16485] loop5: detected capacity change from 0 to 1024
[  170.340667][T16485] EXT4-fs: Ignoring removed orlov option
[  170.363425][T16485] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.471323][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.636602][T16514] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  170.655485][T16514] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  170.663869][T16514] System zones: 1-12
[  170.668085][T16514] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.5773: corrupted in-inode xattr: e_value size too large
[  170.682523][T16514] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5773: couldn't read orphan inode 15 (err -117)
[  170.695249][T16514] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.724907][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.764094][T16519] lo speed is unknown, defaulting to 1000
[  170.860228][T16526] msdos: Unknown parameter 'A'
[  170.964465][T16545] EXT4-fs: Ignoring removed bh option
[  170.970310][T16545] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  170.979737][T16545] EXT4-fs (loop2): 1 truncate cleaned up
[  170.987171][T16545] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.030004][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.109615][T16565] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  171.119171][T16565] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  171.130019][T16565] System zones: 1-12
[  171.134412][T16565] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.5795: corrupted in-inode xattr: e_value size too large
[  171.148691][T16565] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.5795: couldn't read orphan inode 15 (err -117)
[  171.161232][T16565] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.200649][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.221649][T16574] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.268649][ T3321] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  171.361679][T16596] bond0: (slave bridge0): Releasing backup interface
[  171.387887][T16602] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5814'.
[  171.389485][T16596] bridge0: left promiscuous mode
[  171.401983][T16596] bridge0: left allmulticast mode
[  171.416500][T16596] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  171.452264][T16605] blktrace: Concurrent blktraces are not allowed on sg0
[  171.534029][T16607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.623512][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.733153][T16645] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  171.768570][T16645] syz.5.5842: attempt to access beyond end of device
[  171.768570][T16645] loop5: rw=2049, sector=656, nr_sectors = 32 limit=512
[  171.783437][T16645] syz.5.5842: attempt to access beyond end of device
[  171.783437][T16645] loop5: rw=2049, sector=720, nr_sectors = 32 limit=512
[  171.800478][T16645] syz.5.5842: attempt to access beyond end of device
[  171.800478][T16645] loop5: rw=2049, sector=784, nr_sectors = 32 limit=512
[  171.814379][T16645] syz.5.5842: attempt to access beyond end of device
[  171.814379][T16645] loop5: rw=2049, sector=848, nr_sectors = 32 limit=512
[  171.887143][T16661] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5850'.
[  171.918595][T16667] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5839'.
[  171.927648][T16667] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5839'.
[  171.942843][T16663] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.956572][T16669] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  171.973319][T16669] EXT4-fs (loop5): 1 truncate cleaned up
[  171.981233][T16663] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5838: bg 0: block 345: padding at end of block bitmap is not set
[  171.990628][T16669] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.995822][T16663] EXT4-fs (loop2): Remounting filesystem read-only
[  172.018846][T16663] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1606: inode #18: comm syz.2.5838: cleanup dec ref error -117
[  172.054156][T16669] EXT4-fs (loop5): shut down requested (0)
[  172.068315][T16680] EXT4-fs: Ignoring removed orlov option
[  172.075117][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.085773][T16669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  172.092737][T16680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.096240][T16669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  172.126844][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.139536][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.199319][T16694] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  172.235557][T16701] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  172.261456][T16701] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  172.269635][T16701] EXT4-fs (loop6): orphan cleanup on readonly fs
[  172.276461][T16701] EXT4-fs error (device loop6): ext4_free_blocks:6728: comm syz.6.5854: Freeing blocks not in datazone - block = 0, count = 4096
[  172.291120][T16701] EXT4-fs (loop6): 1 orphan inode deleted
[  172.310698][T16701] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  172.325678][T16711] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  172.347837][T16711] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  172.408712][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.437995][T16723] bond2: entered promiscuous mode
[  172.443220][T16723] bond2: entered allmulticast mode
[  172.450954][T16723] 8021q: adding VLAN 0 to HW filter on device bond2
[  172.479681][T16723] bond2 (unregistering): Released all slaves
[  172.544912][T16731] EXT4-fs (loop0): failed to initialize system zone (-117)
[  172.553054][T16731] EXT4-fs (loop0): mount failed
[  172.567186][T16738] EXT4-fs (loop6): 1 truncate cleaned up
[  172.590655][T16738] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.606297][T16743] netlink: 'syz.4.5874': attribute type 1 has an invalid length.
[  172.629292][T16745] netlink: 664 bytes leftover after parsing attributes in process `syz.0.5875'.
[  172.695450][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  172.695468][   T29] audit: type=1400 audit(172.674:4749): avc:  denied  { create } for  pid=16752 comm="syz.2.5879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  172.741591][   T29] audit: type=1400 audit(172.674:4750): avc:  denied  { write } for  pid=16752 comm="syz.2.5879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  172.760580][   T29] audit: type=1400 audit(172.674:4751): avc:  denied  { connect } for  pid=16752 comm="syz.2.5879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  172.779920][   T29] audit: type=1400 audit(172.674:4752): avc:  denied  { name_connect } for  pid=16752 comm="syz.2.5879" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  172.839046][ T6404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.845137][   T29] audit: type=1400 audit(172.814:4753): avc:  denied  { create } for  pid=16766 comm="syz.4.5889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  172.867118][   T29] audit: type=1400 audit(172.814:4754): avc:  denied  { ioctl } for  pid=16766 comm="syz.4.5889" path="socket:[47818]" dev="sockfs" ino=47818 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  172.929590][T16769] netlink: 'syz.5.5891': attribute type 3 has an invalid length.
[  173.004861][   T29] audit: type=1400 audit(172.984:4755): avc:  denied  { shutdown } for  pid=16784 comm="syz.4.5897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  173.045277][   T29] audit: type=1326 audit(172.994:4756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16787 comm="syz.6.5899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448b16f749 code=0x7ffc0000
[  173.068340][   T29] audit: type=1326 audit(172.994:4757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16787 comm="syz.6.5899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448b16f749 code=0x7ffc0000
[  173.091308][   T29] audit: type=1326 audit(172.994:4758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16787 comm="syz.6.5899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f448b16f749 code=0x7ffc0000
[  173.490356][T16844] vlan2: entered allmulticast mode
[  173.495638][T16844] bridge0: port 1(vlan2) entered blocking state
[  173.502151][T16844] bridge0: port 1(vlan2) entered disabled state
[  173.543701][T16848] set_capacity_and_notify: 14 callbacks suppressed
[  173.543722][T16848] loop0: detected capacity change from 0 to 2048
[  173.574152][T16848] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.651387][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.675268][T16862] netem: change failed
[  173.731866][T16867] loop2: detected capacity change from 0 to 8192
[  173.751698][T16867] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[  173.760568][T16867] FAT-fs (loop2): Filesystem has been set read-only
[  173.767396][T16867] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068)
[  173.801343][T16870] program syz.6.5937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  173.846874][T16877] xt_hashlimit: max too large, truncated to 1048576
[  173.853829][T16873] 9pnet: Could not find request transport: tcitch
[  173.866842][T16877] No such timeout policy "syz1"
[  173.911333][T16883] loop2: detected capacity change from 0 to 512
[  173.918014][T16883] EXT4-fs: Ignoring removed oldalloc option
[  173.926386][T16883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.973339][T16887] vhci_hcd: invalid port number 9
[  173.978431][T16887] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  174.003727][T16883] EXT4-fs (loop2): shut down requested (1)
[  174.030317][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.305717][T16927] loop5: detected capacity change from 0 to 1024
[  174.312561][T16927] EXT4-fs: Ignoring removed mblk_io_submit option
[  174.340473][T16927] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.381278][ T6213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.381371][T16934] loop0: detected capacity change from 0 to 1024
[  174.397347][T16934] EXT4-fs: Ignoring removed nomblk_io_submit option
[  174.431509][T16934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.465081][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.536871][T16950] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5980'.
[  174.688269][T16960] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5973'.
[  174.750724][T16964] loop5: detected capacity change from 0 to 2048
[  174.764994][T16964] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.5975: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  174.999696][T16970] binfmt_misc: register: failed to install interpreter file ./file0
[  175.298783][T16985] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5984'.
[  175.307815][T16985] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5984'.
[  175.378278][T16990] loop6: detected capacity change from 0 to 512
[  175.385564][T16990] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  175.397701][T16990] EXT4-fs (loop6): 1 truncate cleaned up
[  175.407595][T16990] EXT4-fs (loop6): shut down requested (0)
[  175.426581][T16990] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  175.437723][T16990] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  175.476112][T17004] loop6: detected capacity change from 0 to 2048
[  175.500713][T17004]  loop6: p1 < > p4
[  175.505438][T17004] loop6: p4 size 8388608 extends beyond EOD, truncated
[  175.525979][T17005] lo speed is unknown, defaulting to 1000
[  175.638950][T17014] loop6: detected capacity change from 0 to 2048
[  175.767053][T17030] loop4: detected capacity change from 0 to 512
[  175.785694][T17030] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.6005: invalid block
[  175.798445][T17030] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.6005: invalid indirect mapped block 4294967295 (level 1)
[  175.813147][T17030] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.6005: invalid indirect mapped block 4294967295 (level 1)
[  175.827633][T17030] EXT4-fs (loop4): 2 truncates cleaned up
[  175.878489][T17038] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6020'.
[  175.916600][ T6404] rock: directory entry would overflow storage
[  175.922881][ T6404] rock: sig=0x4f50, size=4, remaining=3
[  175.928435][ T6404] iso9660: Corrupted directory entry in block 2 of inode 1472
[  175.940684][T17047] netdevsim netdevsim4: Direct firmware load for ( failed with error -2
[  175.941908][ T6404] iso9660: Corrupted directory entry in block 2 of inode 1472
[  176.019314][T17057] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  176.030492][T17057] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  176.041821][T17057] JBD2: no valid journal superblock found
[  176.047599][T17057] EXT4-fs (loop4): Could not load journal inode
[  176.131043][T17072] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  176.257933][T17088] openvswitch: netlink: Missing key (keys=40, expected=80)
[  176.388580][T17101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  176.466725][T17101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  176.533852][T17126] sch_fq: defrate 4294967295 ignored.
[  176.685973][T17155] vhci_hcd: default hub control req: 0317 v0000 i0000 l173
[  177.026972][T17226] team0 (unregistering): Port device team_slave_0 removed
[  177.063722][T17226] team0 (unregistering): Port device team_slave_1 removed
[  177.365740][T17295] __nla_validate_parse: 2 callbacks suppressed
[  177.365828][T17295] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6089'.
[  177.383582][T17295] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  177.427928][T17306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.437257][T17306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.593559][T17334] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6093: bg 0: block 345: padding at end of block bitmap is not set
[  177.609356][T17334] EXT4-fs (loop0): Remounting filesystem read-only
[  177.689819][T17343] rock: directory entry would overflow storage
[  177.696120][T17343] rock: sig=0x4f50, size=4, remaining=3
[  177.700506][   T29] kauditd_printk_skb: 170 callbacks suppressed
[  177.700524][   T29] audit: type=1326 audit(178.686:4929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.701753][T17343] iso9660: Corrupted directory entry in block 4 of inode 1792
[  177.708051][   T29] audit: type=1326 audit(178.686:4930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.761579][   T29] audit: type=1326 audit(178.716:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.784632][   T29] audit: type=1326 audit(178.716:4932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.807618][   T29] audit: type=1326 audit(178.716:4933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.830693][   T29] audit: type=1326 audit(178.716:4934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.853679][   T29] audit: type=1326 audit(178.716:4935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.876599][   T29] audit: type=1326 audit(178.716:4936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.899573][   T29] audit: type=1326 audit(178.716:4937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.922468][   T29] audit: type=1326 audit(178.716:4938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17344 comm="syz.0.6102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8325bf749 code=0x7ffc0000
[  177.975460][T17355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6105'.
[  178.248570][T17395] netlink: 'syz.4.6125': attribute type 13 has an invalid length.
[  178.414769][T17395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.428231][T17415] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6135'.
[  178.431985][T17395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.532764][   T37] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.551326][   T37] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.562317][   T37] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.584266][   T37] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.593342][T17431] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6140'.
[  178.635737][T17439] set_capacity_and_notify: 6 callbacks suppressed
[  178.635751][T17439] loop4: detected capacity change from 0 to 1024
[  178.805567][T17470] loop6: detected capacity change from 0 to 512
[  178.816478][T17469] netlink: 'syz.0.6159': attribute type 1 has an invalid length.
[  178.826432][T17470] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  178.917111][T17484] loop5: detected capacity change from 0 to 2048
[  178.931283][T17487] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub
[  178.944451][T17484] EXT4-fs: Ignoring removed bh option
[  178.990734][T17484] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  179.032329][T17505] loop6: detected capacity change from 0 to 164
[  179.039121][T17484] EXT4-fs (loop5): Remounting filesystem read-only
[  179.046880][T17505] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  179.055216][T17484] EXT4-fs (loop5): shut down requested (0)
[  179.070563][T17505] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  179.081578][T17505] Symlink component flag not implemented
[  179.087273][T17505] Symlink component flag not implemented
[  179.096692][T17509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6177'.
[  179.105668][T17509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6177'.
[  179.124444][T17505] Symlink component flag not implemented (7)
[  179.130559][T17505] Symlink component flag not implemented (116)
[  179.137754][T17509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6177'.
[  179.262211][T17528] netlink: 'syz.2.6184': attribute type 4 has an invalid length.
[  179.556476][T17567] loop6: detected capacity change from 0 to 2048
[  179.589904][T17552] loop0: detected capacity change from 0 to 1024
[  179.602550][T17552] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.6194: Failed to acquire dquot type 0
[  179.614571][T17552] EXT4-fs (loop0): 1 truncate cleaned up
[  179.710546][T17578] loop0: detected capacity change from 0 to 512
[  179.725714][T17578] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.6205: corrupted xattr block 33: bad e_name length
[  179.739312][T17578] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  179.748436][T17578] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.6205: corrupted xattr block 33: bad e_name length
[  179.863516][T17598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6222'.
[  179.935923][T17605] loop2: detected capacity change from 0 to 2048
[  179.954983][T17610] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  179.963935][T17605] EXT4-fs (loop2): failed to initialize system zone (-117)
[  179.973642][T17605] EXT4-fs (loop2): mount failed
[  180.026271][T17617] loop6: detected capacity change from 0 to 2048
[  180.111335][T17617]  loop6: p2 p3 p7
[  180.482008][   T53] Bluetooth: hci0: Frame reassembly failed (-84)
[  180.906690][T17664] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6240'.
[  180.969478][T17668] loop4: detected capacity change from 0 to 512
[  180.984571][T17668] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.6243: corrupted inode contents
[  180.996673][T17668] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.6243: mark_inode_dirty error
[  181.008387][T17668] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.6243: corrupted inode contents
[  181.021528][T17668] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.6243: mark_inode_dirty error
[  181.036983][T17668] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  181.124875][T17676] hub 6-0:1.0: USB hub found
[  181.129674][T17676] hub 6-0:1.0: 8 ports detected
[  181.155064][T17680] vhci_hcd: default hub control req: 0314 v001b i0006 l0
[  181.308610][T17693] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6264'.
[  181.317935][T17693] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  181.335945][T17696] xt_hashlimit: max too large, truncated to 1048576
[  181.408746][T17706] EXT4-fs: Ignoring removed bh option
[  181.414707][T17706] EXT4-fs: inline encryption not supported
[  181.421195][T17706] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  181.437819][T17706] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e84ce028, mo2=0000]
[  181.446153][T17706] System zones: 0-1, 3-12
[  181.451320][T17714] SELinux: failed to load policy
[  181.452175][T17706] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #3: block 1: comm syz.4.6259: lblock 1 mapped to illegal pblock 1 (length 1)
[  181.470815][T17706] EXT4-fs (loop4): Remounting filesystem read-only
[  181.477453][T17706] EXT4-fs (loop4): 1 orphan inode deleted
[  181.558226][T17724] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  181.953088][T17747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.961797][T17747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.393011][T17758] EXT4-fs: Ignoring removed nobh option
[  182.398653][T17758] EXT4-fs: Ignoring removed bh option
[  182.430818][T17758] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.6283: Allocating blocks 497-513 which overlap fs metadata
[  182.446789][T17758] EXT4-fs (loop2): pa ffff888107a26bd0: logic 16, phys. 129, len 24
[  182.455110][T17758] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1
[  182.489326][T17770] netlink: 'syz.0.6290': attribute type 5 has an invalid length.
[  182.490464][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  182.501415][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  182.564807][T17780] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  182.564828][T17780] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  182.712891][   T29] kauditd_printk_skb: 303 callbacks suppressed
[  182.712908][   T29] audit: type=1400 audit(183.691:5238): avc:  denied  { unlink } for  pid=3321 comm="syz-executor" name="file0" dev="tmpfs" ino=6691 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  182.743585][   T29] audit: type=1400 audit(183.721:5239): avc:  denied  { read } for  pid=17794 comm="syz.2.6297" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  182.774676][T17800] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  182.804365][T17804] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  182.840567][   T29] audit: type=1400 audit(183.821:5240): avc:  denied  { read } for  pid=17807 comm="syz.0.6305" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  182.880875][   T29] audit: type=1400 audit(183.821:5241): avc:  denied  { open } for  pid=17807 comm="syz.0.6305" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  182.903682][   T29] audit: type=1400 audit(183.821:5242): avc:  denied  { write } for  pid=17807 comm="syz.0.6305" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  182.925986][   T29] audit: type=1400 audit(183.821:5243): avc:  denied  { block_suspend } for  pid=17807 comm="syz.0.6305" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  182.949683][   T29] audit: type=1326 audit(183.921:5244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17809 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  182.972726][   T29] audit: type=1326 audit(183.921:5245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17809 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  182.995768][   T29] audit: type=1326 audit(183.921:5246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17809 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  183.018749][   T29] audit: type=1326 audit(183.921:5247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17809 comm="syz.4.6308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ce55f749 code=0x7ffc0000
[  183.023569][T17812] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6307'.
[  183.522268][T17839] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  183.685660][T17851] set_capacity_and_notify: 2 callbacks suppressed
[  183.685680][T17851] loop2: detected capacity change from 0 to 1024
[  183.705555][T17853] loop4: detected capacity change from 0 to 512
[  183.722716][T17853] EXT4-fs: Ignoring removed oldalloc option
[  183.722961][T17851] EXT4-fs: Ignoring removed mblk_io_submit option
[  183.765291][T17858] xt_hashlimit: max too large, truncated to 1048576
[  183.778477][T17851] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  183.787345][T17858] No such timeout policy "syz1"
[  183.800595][T17853] EXT4-fs (loop4): shut down requested (1)
[  183.810312][T17851] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  183.837231][T17851] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.6337: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  183.856285][T17851] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.6337: couldn't read orphan inode 11 (err -117)
[  183.875980][T17851] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.6337: Invalid block bitmap block 0 in block_group 0
[  183.891661][T17851] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.6337: Failed to acquire dquot type 0
[  183.968263][T17870] loop6: detected capacity change from 0 to 4096
[  184.330509][T17926] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  184.456855][T17945] loop0: detected capacity change from 0 to 512
[  184.622393][T17966] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6388'.
[  184.761046][T17990] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6399'.
[  184.789144][T17995] loop0: detected capacity change from 0 to 512
[  184.853983][T17995] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  184.886732][T18007] siw: device registration error -23
[  184.920293][T17995] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  184.932549][T17995] EXT4-fs (loop0): This should not happen!! Data will be lost
[  184.932549][T17995] 
[  184.942418][T17995] EXT4-fs (loop0): Total free blocks count 0
[  184.948423][T17995] EXT4-fs (loop0): Free/Dirty block details
[  184.954352][T17995] EXT4-fs (loop0): free_blocks=65280
[  184.959731][T17995] EXT4-fs (loop0): dirty_blocks=31
[  184.964849][T17995] EXT4-fs (loop0): Block reservation details
[  184.970905][T17995] EXT4-fs (loop0): i_reserved_data_blocks=31
[  185.005277][   T53] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  185.017747][   T53] EXT4-fs (loop0): This should not happen!! Data will be lost
[  185.017747][   T53] 
[  185.033985][T18020] rdma_op ffff88811c284d80 conn xmit_rdma 0000000000000000
[  185.067800][T18025] xfrm0: entered promiscuous mode
[  185.153490][T18035] loop2: detected capacity change from 0 to 512
[  185.170516][T18035] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  185.170637][T18043] netlink: 48 bytes leftover after parsing attributes in process `gtp'.
[  185.224700][T18035] EXT4-fs (loop2): 1 truncate cleaned up
[  185.240953][T18035] EXT4-fs (loop2): shut down requested (0)
[  185.260176][T18035] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  185.300808][T18035] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  185.801150][T18098] loop0: detected capacity change from 0 to 1024
[  185.809295][T18098] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.819192][T18098] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  185.819265][T18098] System zones: 0-1, 3-36
[  186.207248][T18113] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  186.267113][T18117] xt_hashlimit: max too large, truncated to 1048576
[  186.328972][T18128] loop4: detected capacity change from 0 to 1024
[  186.367388][T18128] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.383465][T18136] loop5: detected capacity change from 0 to 512
[  186.428411][T18136] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.6451: corrupted inode contents
[  186.457617][T18136] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #2: comm syz.5.6451: mark_inode_dirty error
[  186.469415][T18136] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.6451: corrupted inode contents
[  186.481781][T18136] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.6451: mark_inode_dirty error
[  186.493897][T18153] team0 (unregistering): left allmulticast mode
[  186.500302][T18153] team_slave_0: left allmulticast mode
[  186.505785][T18153] ±ÿ: left allmulticast mode
[  186.510572][T18153] team0 (unregistering): left promiscuous mode
[  186.516846][T18153] team_slave_0: left promiscuous mode
[  186.522315][T18153] ±ÿ: left promiscuous mode
[  186.527082][T18153] bridge0: port 3(team0) entered disabled state
[  186.534878][T18136] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  186.545051][T18153] team0 (unregistering): Port device team_slave_0 removed
[  186.556198][T18153] team0 (unregistering): Port device 
2
6±ÿ removed
[  186.575611][T18153] team0 (unregistering): Port device bridge1 removed
[  186.595811][T18160] loop0: detected capacity change from 0 to 512
[  186.615512][T18163] xt_hashlimit: max too large, truncated to 1048576
[  186.631301][T18160] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.6471: error while reading EA inode 32 err=-116
[  186.644674][T18160] EXT4-fs (loop0): Remounting filesystem read-only
[  186.651765][T18164] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  186.652642][T18160] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  186.677021][T18160] EXT4-fs (loop0): 1 orphan inode deleted
[  186.679277][T18164] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  186.695123][T18164] EXT4-fs (loop2): This should not happen!! Data will be lost
[  186.695123][T18164] 
[  186.704947][T18164] EXT4-fs (loop2): Total free blocks count 0
[  186.711001][T18164] EXT4-fs (loop2): Free/Dirty block details
[  186.716949][T18164] EXT4-fs (loop2): free_blocks=65280
[  186.722292][T18164] EXT4-fs (loop2): dirty_blocks=31
[  186.727425][T18164] EXT4-fs (loop2): Block reservation details
[  186.733484][T18164] EXT4-fs (loop2): i_reserved_data_blocks=31
[  186.744993][T18171] EXT4-fs: Ignoring removed oldalloc option
[  186.753663][T18174] lo: Caught tx_queue_len zero misconfig
[  186.759353][T18174] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  186.767408][  T312] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  186.780121][  T312] EXT4-fs (loop2): This should not happen!! Data will be lost
[  186.780121][  T312] 
[  186.864648][T18186] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.872014][T18187] EXT4-fs (loop5): shut down requested (1)
[  186.900774][T18184]  loop2: p1 < > p4
[  186.905582][T18184] loop2: p4 size 8388608 extends beyond EOD, truncated
[  187.108436][T18198] xt_hashlimit: max too large, truncated to 1048576
[  187.121197][T18199] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  187.200330][T18215] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  187.268006][T18219] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  187.283775][T18219] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  187.296127][T18219] EXT4-fs (loop5): This should not happen!! Data will be lost
[  187.296127][T18219] 
[  187.305854][T18219] EXT4-fs (loop5): Total free blocks count 0
[  187.311884][T18219] EXT4-fs (loop5): Free/Dirty block details
[  187.317877][T18219] EXT4-fs (loop5): free_blocks=65280
[  187.323224][T18219] EXT4-fs (loop5): dirty_blocks=31
[  187.328344][T18219] EXT4-fs (loop5): Block reservation details
[  187.334401][T18219] EXT4-fs (loop5): i_reserved_data_blocks=31
[  187.373042][T18230] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  187.381359][T18230] EXT4-fs (loop4): orphan cleanup on readonly fs
[  187.389420][T18230] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.6488: corrupted inode contents
[  187.403835][  T312] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  187.416170][  T312] EXT4-fs (loop5): This should not happen!! Data will be lost
[  187.416170][  T312] 
[  187.431668][T18230] EXT4-fs (loop4): Remounting filesystem read-only
[  187.443925][T18230] EXT4-fs (loop4): 1 truncate cleaned up
[  187.449699][T18228] lo speed is unknown, defaulting to 1000
[  187.457502][T18235] xt_hashlimit: max too large, truncated to 1048576
[  187.466479][  T312] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  187.477127][  T312] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  187.500425][  T312] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  187.537768][T18242] xt_hashlimit: max too large, truncated to 1048576
[  187.623288][T18256] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  187.725266][T18266] EXT4-fs: Ignoring removed bh option
[  187.731332][T18266] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  187.741109][T18266] EXT4-fs (loop6): 1 truncate cleaned up
[  187.785079][T18272] EXT4-fs (loop2): 1 truncate cleaned up
[  187.880316][T18277] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  187.895199][T18277] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  187.907458][T18277] EXT4-fs (loop4): This should not happen!! Data will be lost
[  187.907458][T18277] 
[  187.917202][T18277] EXT4-fs (loop4): Total free blocks count 0
[  187.923272][T18277] EXT4-fs (loop4): Free/Dirty block details
[  187.929197][T18277] EXT4-fs (loop4): free_blocks=65280
[  187.934764][T18277] EXT4-fs (loop4): dirty_blocks=31
[  187.940563][T18277] EXT4-fs (loop4): Block reservation details
[  187.946561][T18277] EXT4-fs (loop4): i_reserved_data_blocks=31
[  187.965228][  T312] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  187.977606][  T312] EXT4-fs (loop4): This should not happen!! Data will be lost
[  187.977606][  T312] 
[  188.021567][T18285] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  188.030449][T18285] EXT4-fs (loop2): orphan cleanup on readonly fs
[  188.038392][T18285] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.6510: corrupted inode contents
[  188.050646][T18285] EXT4-fs (loop2): Remounting filesystem read-only
[  188.057310][T18285] EXT4-fs (loop2): 1 truncate cleaned up
[  188.063257][  T312] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.073819][  T312] __quota_error: 175 callbacks suppressed
[  188.073834][  T312] Quota error (device loop2): write_blk: dquota write failed
[  188.087056][  T312] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  188.097101][  T312] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.107715][  T312] Quota error (device loop2): write_blk: dquota write failed
[  188.115179][  T312] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  188.125279][  T312] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  188.126737][T18275] lo speed is unknown, defaulting to 1000
[  188.135495][  T312] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  188.150115][  T312] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  188.211173][   T29] audit: type=1400 audit(189.191:5415): avc:  denied  { read } for  pid=18294 comm="syz.2.6514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  188.238055][T18291] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  188.253196][T18291] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  188.265420][T18291] EXT4-fs (loop0): This should not happen!! Data will be lost
[  188.265420][T18291] 
[  188.275124][T18291] EXT4-fs (loop0): Total free blocks count 0
[  188.281123][T18291] EXT4-fs (loop0): Free/Dirty block details
[  188.287008][T18291] EXT4-fs (loop0): free_blocks=65280
[  188.292384][T18291] EXT4-fs (loop0): dirty_blocks=31
[  188.297576][T18291] EXT4-fs (loop0): Block reservation details
[  188.303566][T18291] EXT4-fs (loop0): i_reserved_data_blocks=31
[  188.319944][ T3442] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 30 with error 28
[  188.332316][ T3442] EXT4-fs (loop0): This should not happen!! Data will be lost
[  188.332316][ T3442] 
[  188.370362][   T29] audit: type=1400 audit(189.341:5416): avc:  denied  { ioctl } for  pid=18299 comm="syz.5.6516" path="socket:[53127]" dev="sockfs" ino=53127 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  188.421279][   T29] audit: type=1400 audit(189.381:5417): avc:  denied  { write } for  pid=18299 comm="syz.5.6516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  188.441961][T18302] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.6517: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  188.490953][   T29] audit: type=1400 audit(189.471:5418): avc:  denied  { setopt } for  pid=18309 comm="syz.6.6518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  188.511160][T18308]  loop5: p1 < > p4
[  188.515697][T18308] loop5: p4 size 8388608 extends beyond EOD, truncated
[  188.657992][T18318] vhci_hcd: invalid port number 9
[  188.663175][T18318] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  188.689500][T18316] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[  188.698364][T18316] FAT-fs (loop6): Filesystem has been set read-only
[  188.706534][T18316] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 2068)
[  188.794768][T18325] set_capacity_and_notify: 14 callbacks suppressed
[  188.794788][T18325] loop5: detected capacity change from 0 to 1024
[  188.808978][T18325] EXT4-fs: Ignoring removed nomblk_io_submit option
[  188.892107][T18341] loop0: detected capacity change from 0 to 512
[  188.900924][T18341] EXT4-fs (loop0): 1 truncate cleaned up
[  188.940985][T18347] loop6: detected capacity change from 0 to 512
[  188.950158][T18347] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  188.961776][T18347] EXT4-fs (loop6): 1 truncate cleaned up
[  188.971100][T18347] EXT4-fs (loop6): shut down requested (0)
[  188.978221][T18347] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  188.987592][T18347] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  189.798667][T18360] loop2: detected capacity change from 0 to 1024
[  189.802312][T18357] loop4: detected capacity change from 0 to 2048
[  189.812674][T18360] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.850571][T18357]  loop4: p1 < > p4
[  189.869047][T18357] loop4: p4 size 8388608 extends beyond EOD, truncated
[  189.884189][T18372] loop6: detected capacity change from 0 to 512
[  189.904923][T18372] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.6546: error while reading EA inode 32 err=-116
[  189.928066][T18372] EXT4-fs (loop6): Remounting filesystem read-only
[  189.934782][T18372] EXT4-fs warning (device loop6): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  189.946383][T18372] EXT4-fs (loop6): 1 orphan inode deleted
[  189.975737][T18376] loop2: detected capacity change from 0 to 128
[  189.985687][T18376] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  190.154734][T18390] loop5: detected capacity change from 0 to 512
[  190.172942][T18390] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.6553: invalid block
[  190.185833][T18390] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.6553: invalid indirect mapped block 4294967295 (level 1)
[  190.200318][T18390] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.6553: invalid indirect mapped block 4294967295 (level 1)
[  190.215322][T18390] EXT4-fs (loop5): 2 truncates cleaned up
[  190.248272][T18398] loop4: detected capacity change from 0 to 512
[  190.678677][T18430] loop0: detected capacity change from 0 to 2048
[  190.693917][T18432] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.6570: invalid block
[  190.706902][T18432] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.6570: invalid indirect mapped block 4294967295 (level 1)
[  190.723279][T18432] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.6570: invalid indirect mapped block 4294967295 (level 1)
[  190.737784][T18430]  loop0: p1 < > p4
[  190.740763][T18432] EXT4-fs (loop2): 2 truncates cleaned up
[  190.747574][T18430] loop0: p4 size 8388608 extends beyond EOD, truncated
[  191.040633][T18436] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.6581: Failed to acquire dquot type 0
[  191.052451][T18436] EXT4-fs (loop5): 1 truncate cleaned up
[  191.229966][T18459] siw: device registration error -23
[  191.784757][T18493] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.6588: corrupted inode contents
[  191.809545][T18493] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.6588: mark_inode_dirty error
[  191.821338][T18493] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.6588: corrupted inode contents
[  191.834646][T18493] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.6588: mark_inode_dirty error
[  191.882428][T18493] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  191.953339][T18486] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.6592: Failed to acquire dquot type 0
[  191.974612][T18486] EXT4-fs (loop4): 1 truncate cleaned up
[  192.086685][T18520] netlink: 48 bytes leftover after parsing attributes in process `syz.5.6615'.
[  192.138022][ T3324] ==================================================================
[  192.146166][ T3324] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru
[  192.153835][ T3324] 
[  192.156167][ T3324] read-write to 0xffff888237c26468 of 1 bytes by task 18473 on cpu 0:
[  192.164366][ T3324]  folio_add_lru+0xa5/0x1f0
[  192.168908][ T3324]  shmem_get_folio_gfp+0x7ab/0xd60
[  192.174145][ T3324]  shmem_write_begin+0xa8/0x190
[  192.179017][ T3324]  generic_perform_write+0x184/0x490
[  192.184415][ T3324]  shmem_file_write_iter+0xc5/0xf0
[  192.189563][ T3324]  __kernel_write_iter+0x2d6/0x540
[  192.194696][ T3324]  dump_user_range+0x61e/0x8f0
[  192.199506][ T3324]  elf_core_dump+0x1de7/0x1f80
[  192.204298][ T3324]  coredump_write+0xacf/0xdf0
[  192.208990][ T3324]  vfs_coredump+0x24f7/0x2e60
[  192.213676][ T3324]  get_signal+0xd84/0xf70
[  192.218062][ T3324]  arch_do_signal_or_restart+0x96/0x450
[  192.223620][ T3324]  irqentry_exit+0xfb/0x560
[  192.228140][ T3324]  asm_exc_page_fault+0x26/0x30
[  192.233009][ T3324] 
[  192.235335][ T3324] read to 0xffff888237c26468 of 1 bytes by task 3324 on cpu 1:
[  192.242881][ T3324]  __lru_add_drain_all+0x17e/0x450
[  192.248009][ T3324]  lru_add_drain_all+0x10/0x20
[  192.252786][ T3324]  invalidate_bdev+0x47/0x70
[  192.257385][ T3324]  ext4_put_super+0x624/0x7d0
[  192.262073][ T3324]  generic_shutdown_super+0xe6/0x210
[  192.267374][ T3324]  kill_block_super+0x2a/0x70
[  192.272058][ T3324]  ext4_kill_sb+0x42/0x80
[  192.276403][ T3324]  deactivate_locked_super+0x75/0x1c0
[  192.281793][ T3324]  deactivate_super+0x97/0xa0
[  192.286484][ T3324]  cleanup_mnt+0x2a9/0x320
[  192.290910][ T3324]  __cleanup_mnt+0x19/0x20
[  192.295337][ T3324]  task_work_run+0x131/0x1a0
[  192.299929][ T3324]  exit_to_user_mode_loop+0x1fe/0x740
[  192.305310][ T3324]  do_syscall_64+0x202/0x2a0
[  192.309912][ T3324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.315822][ T3324] 
[  192.318148][ T3324] value changed: 0x0d -> 0x0e
[  192.322820][ T3324] 
[  192.325143][ T3324] Reported by Kernel Concurrency Sanitizer on:
[  192.331327][ T3324] CPU: 1 UID: 0 PID: 3324 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  192.342794][ T3324] Tainted: [W]=WARN
[  192.346597][ T3324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  192.356652][ T3324] ==================================================================
[  192.372392][T18525] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6606'.